What Is Ethical Hacking and How Can It Protect You Against Threats?

  • By Alison OLeary
  • Apr 22, 2022

what is ethical hacking

Hackers have a bad name, and for good reason. Hacking is unauthorized entry into computer systems and software, often by breaking in through system vulnerabilities. By comparison, ethical hacking is authorized access using the same methods. Some companies and organizations welcome ethical hackers who help improve security without doing damage.

Hacking has become such a serious problem that the FBI has created a separate Most Wanted category strictly for computer criminals. Computer hacking is a significant problem. Opportunities for hacking have multiplied since many companies are migrating their businesses to cloud computing to make the most of advanced technology. One report says that hacking cost businesses $1 trillion in 2020. Reports say the widespread malware attack called SolarWinds that was attached to business computers cost the host software company $25 million. Even small businesses lost an average of $24,000 to hackers. This is why ethical hacking has become popular.

What is Ethical Hacking?

Ethical hackers figure out flaws in computer code and how they can be exploited for malicious purposes. Flaws may:

  • Allow access across platforms, letting a hacker steal data.
  • Allow ransomware that freezes the company's assets until the hackers' demands are met with cryptocurrency payments.
  • Provide an opportunity to implant malware that is sent to all client computers.
  • Be human: employees who can be tricked into providing proprietary information or access to data.
  • Be exposed through scans that search for vulnerable code.

Key Concepts of Ethical Hacking

In addition to looking for ways to breach poorly secured software, data, and code, ethical hackers may exploit flaws in employee training to gain access to systems and data. These methods can include:

  • Phishing – sending an email that entices the individual to click on a fake link. This link can launch malware or trick the employee into using a PIN or password collected by the hacker and later break into company data.
  • Waterholing – A process of guessing which websites employees use and lacing the website with malware. The malware allows the hackers access to company computers.
  • Smishing – Sending text messages to employees hoping to get them to click on a link that will provide crucial information that allows hackers entry into a system or database.

Who Are Ethical Hackers?

The National Security Agency (NSA) teaches courses in ethical hacking to train individuals on methods that malicious actors use to attack systems. These practices are designed to strengthen defenses against real hackers. Those interested in solving puzzles and computer security can earn an ethical hacking certification from Security University. This program may be a step in becoming an IT professional or a software developer. 

How Do Ethical Hackers Differ from Malicious Hackers?

One computer security company calls ethical hackers the white hats and malicious hackers the black hats. There is a third category, gray hats, who are hackers that are not invited to test the security of systems and do not hack to do damage. Gray hats hack for fun, to test systems, and often leave notes about the vulnerabilities they find. In a recent gray hat hack, systems administrators of Amazon cloud services were left notes about exposed data that hackers found easily. Gray hats are more likely to leave such anonymous messages than to approach system administrators directly because they could face legal penalties for hacking if they were caught.

Famous Hackers Who Claim to be Ethical

ethical hacker

One of the most infamous hackers of all time is Anonymous, which is not one person but a group ("hacktivist collective") that started on the message site 4chan in 2008. While Anonymous clearly operates as an illegal hacking organization, some say its motives are ethical. Anonymous has partnered with WikiLeaks to release classified government information that allows people to understand better what governments are doing. Anonymous has also participated in many hacks against specific groups whose motives run counter to what Anonymous sees as in the interest of humankind, such as DDoS (Distributed Denial of Service) attacks on MasterCard and PayPal for stopping payments to WikiLeaks founder Julien Assange. The group has also attacked the Church of Scientology, anti-abortion groups, Sony, and child pornography sites. In the fall of 2021, Anonymous hacked into the membership rolls of Neo-Nazi and white supremacist groups, collecting the information and distributing it to journalists who revealed the identities of some. Members of Anonymous may wear masks of a historical figure, Guy Fawkes.

An American man named Kevin Mitnick has made a career in computer hacking. When he was 16 years old, during the infancy of computer companies, Mitnick wreaked havoc on computer networks and phone companies by hacking into their systems and copying code. He has been arrested and jailed for his crimes. In recent years Mitnick turned his talent for breaking into computer systems into a security consulting business. In his business, he ethically hacks clients’ networks to reveal vulnerabilities. The techniques were learned during his criminal exploits.

About the Author
IDStrong Logo

Related Articles

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in t ... Read More

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. Wha ... Read More

Top 4 Insider Data Breaches and 7 Steps to Prevent One

Data breaches are on the news frequently, but the average person doesn’t really know that much a ... Read More

Latest Articles

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank is in the news for the wrong reason. The bank recently publicized the fact that it discovered a digital breach.

Weekly Recap June 24 2022

Weekly Recap June 24 2022

We are nearly halfway through 2022. News stories detailing hacks and other digital breaches continue to roll in on a daily basis.

Cybercrime Related to Travel Soars at the Year’s Halfway Point

Cybercrime Related to Travel Soars at the Year’s Halfway Point

There has been a significant spike in tourism following the gradual decline of the coronavirus pandemic.  The increase in travel has caught the attention of digital miscreants looking to scam tourists as well as travel services providers.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.