by Haris Dainposh
More and more countries are working to generate a force of trained hackers because we cannot flee from the fact that Ethical Hackers are going to be our future avengers.
Getting hold of someone’s confidential data, reading secret messages and swapping personal dossier, this is the dictum that usually hits us when we catch the word Hacker or Hacking. But is this what hacking is all about??
Up to a certain point of time, hackers were acknowledged as the guys persuading for their personal gain or fun, quest to break into a mesh of network, a personal computing device or even a data store. After a periodic analysis and their evident contribution to social security, they have totally rotated the way we used to define them. Technically hackers are assorted into three main columns, Black Hat hackers, White Hat Hackers and Grey Hat hackers.
A Black Hat hacker is a sort of bad guy who tries to advance an unauthorized entry into a network or a system to explore various ways for malevolent purposes. Their main purpose of exploitation is to gain access on important credentials whether financial or personal information, as they can use it for their personal gain by either exchanging money or getting a direct clamp on the dollars.
A White Hate hacker in comparison to a black hat hacker is a good guy who tries to explore various penetration gaps in a network or a system under a legal code of conduct. These hackers are also known as Ethical Hackers and their main aim is to find the vulnerabilities or security holes in a network to prevent any malicious attack. Ethical hackers are mostly trained hackers or hackers converted from a black hat community, working on a companies payroll or even contract-roll.
A Grey Hat Hacker stands in between the two. Unlike Ethical Hackers, a grey hat hacker works independently of any policies; they surf through to catch the flaws but don’t create any trouble. Though Grey Hat hacking is still illegal some companies encourage Grey Hat hacking and pay rewards in exchange of the vulnerabilities they expose.
Mass Computers Convergence
With the advancement of Internet and technology, we are heading towards an era where we reckon to see each trace of technology going smarter. The inception of IoT (Internet of Things) clamped with a super-fast Internet, has already created a path for smart living. It has been estimated that by the end of 2025 there will be more than 75 billion IoT connected devices in use.
But are we aware of the drawbacks or the sensitivities that such a mode of life may lead us to? A small security hole in your appliances like a smart geyser or a smart kettle that a hacker may break into, connected to your wifi, controlled by your smartphone can lead to unauthorized access to both of your wifi as well as your phone.
Now imagine these devices connected through IoT, communicating to a cloud system where not only hundreds or thousands but possibly millions of devices store their informative data and that may directly or indirectly expose them to some serious security risks, which might even prove to be a disaster. One of such incidents took place three years back when a malware that was named as Petya was used for a global cyberattack primarily targeting Ukraine. Among the list, the Ukrainian companies where the first to state that they were attacked and later the countries like France, Germany, Italy, Poland, United Kingdom and the United States also reported the infection.
It was believed that a small data Centre in Ukraine that was providing services to a majority of the businesses in Ukraine and also a part of a server to MEDoc (a Ukrainian tax preparation programme) was attacked at first. It was found in the analysis that a backdoor was present in the updating system for at least six weeks prior to the attack. The damage was done to a severe, which lead to a loss of billions of dollars and death to the operations for many companies across the globe.
In May 2017 a cyber-attack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
In 2015, the dating site Adult Friend Finder was attacked and the information (pseudonyms, dates of birth, postal codes, IP addresses, and sexual preferences) of 4 million accounts was made public on a forum only accessible on Tor.
In December 2015, hackers compromised information systems of three energy distribution companies in Ukraine and temporarily disrupted the electricity supply to consumers and there are many such cases that took place across the past two decades when technology was grooming.
Impending the effects, an ethical hacker plays a vital role in building the immunity of a system or a network of systems. They employ strategies like scanning ports using tools like Nmap or Nessus, examine patch installations, sniffing networks, bypassing and cracking wireless encryption, and hijacking web servers and web applications. They may even attempt to evade IDS (Intrusion Detection systems), IPS (Intrusion Prevention systems), honeypots, and firewalls.
Just to reveal the potential ways of cyber attacks and its security threats to common people, a number of live ethical hacking conferences are being organized annually across the world. One of such a show can be seen in DEFCON, the world’s largest, longest underground ethical hacking conferences. From hacking competitions to social engineering, a complete showpiece of skill set for a common man to experience how a hacker can break into any secure firewall. An act to expose how life-threatening a technology may prove to be, it gets creepy for most of us to see a moving car being hacked and killed into a wall; an eerie glimpse of losing the entire control of your credentials stored in your hard drive by unzipping a single email from an unknown source.
This is the only reason why the cybersecurity, which is already a multi-billion dollar industry is expected as an obligatory to grow more. Courses are being promoted on institutional grounds so that more and more students may learn about new tools and tactics with more initiatives have been taken to convert more underground hackers into ethical hackers that may add up the resources for betterment to security and surveillance. The level of uncertainty reaches to the crust when the point of departure is about national security and under such a case it doesn’t hamper a bunch of people but, in millions at a time.
To tackle such a matter of contention a majority of nations worldwide have started investing over the cyber reforms to promote the ethics of hacking and surveillance. Undoubtedly cyber forces are going to be a part of warfare and the countries, which are believed to have the most developed offensive and defensive cyber warfare capabilities are going to win. At present, the United States, the United Kingdom, Russia, India, Pakistan, China, Israel, Iran, and North Korea have developed cyber warfare capabilities. More and more countries are working to generate a force of trained hackers because we cannot flee from the fact that Ethical Hackers are going to be our future avengers.
(The author @Haris10335103 is an engineer who writes when he finds time. He is serving as Network Maintenance Engineer for Bharti Airtel Ltd)