What Is Ethical Hacking and How Can It Protect You Against Threats?
- By Alison OLeary
- Published: Apr 22, 2022
- Last Updated: Nov 23, 2023
Hacking has become such a serious problem that the FBI has created a separate Most Wanted category strictly for computer criminals. Opportunities for hacking have multiplied as many companies migrate their businesses to cloud computing to make the most of advanced technology.
One report says that hacking cost businesses $1 trillion in 2020. Reports say the widespread malware attack, SolarWinds, cost the attacked software company $25 million. Even small businesses lost an average of $24,000 to hackers. This is why ethical hacking has become popular.
These losses give hackers a bad name. Traditional hacking is unauthorized entry into computer systems and software, often by breaking in through system vulnerabilities. However, there is a type of hacker who is highly sought after by companies and organizations. They locate weaknesses in security protocols and prepare businesses to fight against the most current penetration strategies. This is known as ethical hacking.
What is Ethical Hacking?
Ethical hacking is also known as white hat hacking or penetration testing. As opposed to malicious, black-hat hacking, ethical hacking is entirely legal and doesn’t aim to damage or steal from the target.
The practice typically targets vulnerabilities in computer systems, networks, and cloud servers. However, many ethical hackers search for weak points in employees through social engineering attacks. An unprepared organization opens itself up to the following risks:
- Ransomware attacks
- Cross-platform vulnerabilities
- Downloading malware due to human error
- Database attacks
Professional ethical hackers usually go through the same five steps. These are:
Reconnaissance
The first step is reconnaissance or information gathering. Ethical hackers need to know everything about the organization’s operations to determine where malicious actors are most likely to attack. Reconnaissance involves learning structural factors like where data is stored, how employees communicate, what applications are used, and much more.
While some information can be gleaned by researching the organization’s public resources, such as its website, the employer’s cooperation is necessary for the finer details.
Scanning
In this phase, your professional hacker starts going through your infrastructure with a fine-tooth comb. Scanning helps them understand how the various systems in your organization connect and affect each other. They’ll look for every open port and probe for additional data. Important information includes network addresses, application version numbers, and host operating systems.
Scanning is often done without ethical hacking in mind. In these cases, it’s called vulnerability scanning and is performed by security-focused organizations routinely. Vulnerability scanning alone will highlight where a security weakness might be, but how it’s attacked won’t become apparent until an attack is simulated.
Vulnerability Assessment
Here, the hacker takes everything they’ve learned and locates the weakest links. In their report, hackers frequently separate these weaknesses into different groups and prioritize them based on risk.
This categorization is essential as threat actors constantly discover new weaknesses in the world’s most utilized systems. It’s impossible to patch every vulnerability right away. So, knowing what to fix first and tackling that is a far better use of a security team’s time.
The larger the infrastructure, the more critical it is to use the right tool. Professionals will use one or all of the following:
- Network-Based Scanning for finding risky systems on wired or wireless networks.
- Database Scanning for identifying your risk for database and user interface attacks like SQL Injections.
- Host-based Scanning for checking the configuration settings of external applications and hosts.
- Wireless Network Scanning for locating poorly configured access points and securing Wi-Fi networks.
- Application Scanning for testing for vulnerabilities in third-party applications or frequently used support websites.
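The grouping and risk-based prioritization described above can be sketched as a small triage script. This is an added example, not part of the original article: the `Finding` fields, the weighting in `risk_score`, and the sample findings are assumptions made for illustration, with CVSS base scores standing in for raw severity.

```python
from collections import defaultdict
from dataclasses import dataclass

# The five scan types listed above, used as grouping labels.
CATEGORIES = ("network", "database", "host", "wireless", "application")

@dataclass(frozen=True)
class Finding:
    asset: str
    category: str         # which scan type produced the finding
    title: str
    cvss: float           # base severity, 0.0-10.0
    internet_facing: bool
    exploit_public: bool
    criticality: int      # 1 = lab gear ... 3 = holds customer data

def risk_score(f: Finding) -> float:
    """Illustrative weighting (an assumption, not a standard): severity
    scaled by asset value, then raised for exposure and known exploits."""
    score = f.cvss * f.criticality / 3
    if f.internet_facing:
        score *= 1.5
    if f.exploit_public:
        score *= 1.3
    return round(score, 1)

def triage(findings):
    """Return (fix-first order, findings grouped by scan type)."""
    for f in findings:
        if f.category not in CATEGORIES or not 0 <= f.cvss <= 10 \
                or f.criticality not in (1, 2, 3):
            raise ValueError(f"malformed finding: {f}")
    ranked = sorted(findings, key=lambda f: (-risk_score(f), f.asset))
    groups = defaultdict(list)
    for f in ranked:
        groups[f.category].append(f)
    return ranked, dict(groups)

# Constructed sample findings, not taken from any real assessment.
SAMPLE = [
    Finding("lab-printer", "network", "Outdated firmware", 9.8, False, False, 1),
    Finding("db01", "database", "SQL injection in login form", 8.8, True, True, 3),
    Finding("ap-lobby", "wireless", "Access point still using WEP", 7.5, False, True, 2),
    Finding("web01", "application", "Outdated third-party plugin", 6.1, True, False, 2),
]

if __name__ == "__main__":
    for f in triage(SAMPLE)[0]:
        print(f"{risk_score(f):5.1f}  {f.category:<12} {f.asset:<12} {f.title}")
```

In the sample, the lab printer has the highest raw severity but lands last, while the internet-facing database holding customer data is fixed first.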
Exploitation
After pinpointing the vulnerabilities comes the fun part. At least, fun for the ethical hacker because this is where they make the black hatter’s life a whole lot harder.
The penetration tester goes down the list of potential weak spots and uses them to try and break into the target’s system. This step resembles a high-level attack using tools like Acunetix, Core Impact, or Metasploit.
Reporting
The hacker’s final report includes all found vulnerabilities, which exploits successfully broke through, and how to ensure the same attack doesn’t work for the next hacker. This report should be the organization’s master key to shoring up its weaknesses and securing its customer data. For now, at least.
Key Concepts of Ethical Hacking
In addition to looking for ways to breach poorly secured software, data, and code, ethical hackers may exploit flaws in employee training to gain access to systems and data. These methods can include:
- Phishing – Sending an email that entices the individual to click on a fake link. This link can launch malware or trick the employee into entering a PIN or password, which the hacker collects and later uses to break into company data.
- Waterholing – A process of guessing which websites employees use and lacing the website with malware. The malware allows hackers access to company computers.
- Smishing – Sending text messages to employees hoping to get them to click on a link that will provide crucial information that allows hackers entry into a system or database.
How do I Become an Ethical Hacker?
The National Security Agency (NSA) teaches courses in ethical hacking to train individuals on methods that malicious actors use to attack systems. These practices are designed to strengthen defenses against real hackers. Those interested in solving puzzles and computer security can earn an ethical hacking certification from Security University. This program may be a step toward becoming an IT professional or a software developer.
How Do Ethical Hackers Differ from Malicious Hackers?
One computer security company calls ethical hackers the white hats and malicious hackers the black hats. There is a third category, gray hats, who are hackers that are not invited to test the security of systems and do not hack to do damage.
Gray hats hack for fun or may be motivated by a sense of duty. You can consider gray hats as vigilantes, kind of like Batman. They prioritize personal ethics and morals over the law when testing systems, and often leave notes about the vulnerabilities they find. In a recent gray hat hack, systems administrators of Amazon cloud services were left notes about exposed data that hackers found easily.
Gray hats are more likely to leave such anonymous messages than to approach system administrators directly because they could face legal penalties for hacking if they were caught, even if the intentions are not malicious. Engaging in hacking activities without proper authorization or consent is generally discouraged, but not completely unprotected.
Last year, amendments in US policy made it safer to perform ethical, even gray-hat, hacking. You just need to prove that your intentions were for the greater good.
Ethical Hacking and the Computer Fraud and Abuse Act
The Computer Fraud and Abuse Act (CFAA) was recently revised to include a "good faith" clause for ethical hacking. These extended protections ensure that the field of cybersecurity can safely grow to combat bad actors, and it may even extend to gray-hat operations in certain circumstances.
This amendment characterizes good faith hacking as any activity "carried out in a manner designed to avoid any harm to individuals or the public."
This distinction solved a problem that's persisted since the CFAA was created in 1986. The possible legal penalties of ethical hacking caused some people to be punished when their efforts contributed to a safer online environment.
The new policy doesn't give a free pass to malicious hackers. A group of Federal prosecutors will determine on a case-by-case basis whether a hacker was working in good faith. This process will likely protect all professionally employed ethical hackers but leaves a risky area for the well-meaning yet uninvited hacker.
Gray-hat hackers who want to benefit from these protections should strongly consider joining a bug bounty program.
What Are Bug Bounty Programs?
We all know bounty hunters—rough loners in leather jackets who hunt down criminals on their own terms. Bug bounty programs give ethical hackers a chance to do this, too, just from behind the safety of a keyboard.
Many organizations reward ethical hackers that discover vulnerabilities in their operations. ChatGPT, an AI software that shook the world this year, offered an open bounty of up to $20,000 for "exceptional discoveries." On another occasion, Google paid the user "gzobqqq" $605,000 for finding an exploit chain in Android.
The theory behind bug bounty programs is similar to that of the hacktivist group Anonymous. Organizations leverage the collective power of the hacking community to locate problems their in-house teams might miss. They also help to discover new talent and make the ecosystem safer as a whole.
Bug bounty programs outline detailed rules for what kind of bugs and vulnerabilities they're looking for. It's essential to read these guidelines carefully before beginning your search, as they could be the difference between being identified as gray- or white-hatted.
Famous Hackers Who Claim to be Ethical
One of the most infamous hacker groups of all time is Anonymous, a "hacktivist collective" that started on the message site “4chan” in 2008. While Anonymous clearly operates as an illegal hacking organization, some say its motives are ethical.
Anonymous has partnered with WikiLeaks to release classified government information that allows people to understand better what governments are doing. Anonymous has also participated in many hacks against specific groups whose motives run counter to what Anonymous sees as in the interest of humankind, such as DDoS (Distributed Denial of Service) attacks on MasterCard and PayPal for stopping payments to WikiLeaks founder Julian Assange.
The group has also attacked the Church of Scientology, anti-abortion groups, Sony, and child pornography sites. In the fall of 2021, Anonymous hacked into the membership rolls of Neo-Nazi and white supremacist groups, collecting the information and distributing it to journalists who revealed the identities of some. Members of Anonymous may wear masks of a historical figure, Guy Fawkes.
However, they’ve also been connected to racially charged campaigns themselves, such as OpIsrael, which was an annual attack on Israeli organizations. One of their targets was “Larger than Life,” an Israeli non-profit seeking to help children diagnosed with cancer.
An American man named Kevin Mitnick has made a career in computer hacking. When he was 16 years old, during the infancy of computer companies, Mitnick wreaked havoc on computer networks and phone companies by hacking into their systems and copying code. He has been arrested and jailed for his crimes. In recent years Mitnick turned his talent for breaking into computer systems into a security consulting business. In his business, he ethically hacks clients’ networks to reveal vulnerabilities, using techniques he learned during his criminal exploits.