In 2011, a group of hackers attacked PlayStation Network. This resulted in 77 million users’ personal and financial information being exposed. I remember this whole ordeal, I couldn’t play any games online for 23 days. The breach cost the company over 165 million dollars, and is considered one of the biggest data breaches in history. Hacking has become been a huge phenomenon since the early 1990’s, but the history of hacking is not really known. Ethical hacking isn’t something that is spoken about a lot, but there is some discussion on whether it’s a positive or negative thing.
Hacking is the use of a computer to access data that, you do not have authorized access to. But there are some significant figures in the hacking world, that have helped pave the way for hacking to become what it is. The first documented case of hacking was in 1903; “Nevil Maskelyne was able to disrupt a demonstration of Guglielmo Marconi’s “secure” wireless telegraph technology, by sending insulting Morse code through the projector (Gascueña, 2016).” But this incident is not considered one of the stepping stone of hacking. The most infamous hacking case regards Kevin Mitnick, the first hacker to make the FBI’s Most Wanted List. At the age of sixteen Mitnick was able to break into Digital Equipment Corporation and copy their software. “While on the run for this crime, Mitnick was able to gain access to computers in order to clone cellular phones to hide his location and copy software from some of the country’s biggest telephone and computer companies (Christensen, 1999).” Mitnick is considered the king of all hackers, but there is one other person who could be deemed worthy of the title. Gary McKinnon is responsible for the “biggest military hack of all time”. Gary McKinnon considers himself a hacktivist (a hacker whose activity is for a political or social cause). “McKinnon hacked into at least 97 U.S military and NASA computers over a 13-month span (Frucci, 2008)”. McKinnon was able to delete important files from the computers operating systems, and proceeded to post a note on the military’s website saying, “your security sucks (Frucci, 2008).” After 9/11 McKinnon deleted weapons logs at Earle Naval Weapons Station, this attack rendered 300 computers inoperable and left weapons unable to be delivered. His supporters said that his attacks were in the name of political justice.
A majority of the world doesn’t realize that most hackers do not hack with the endgame being the theft of information, but that most of what they do is for the good of the people. Of course, there are some pros and cons that come along with ethical hacking.
I got the privilege to interview Devon Leary who works in the cyber security field, and she said something that stuck out to me; “only a hacker can combat a hacker (Leary, 2018).” The CIA and FBI could hire and train people for years, and they would probably never be on the level of a professional hacker. Ethical hackers can be a blessing to some branches of government, some branches hire hackers to fight against terrorism and nation security breaches. One of the earliest uses of critical hacking was in the 1970’s “The United States government utilized its knowledge and services of a group of experts. The government enlisted these ethical hackers to hack into the United States government’s computer systems (Kitchen, 2010).” The purpose of this was to find and address any possible threats and vulnerabilities. I feel that if the government is hiring people to hack into their systems then the hiring of ethical hackers is not an option, but a must. While I was talking to Devon, I of course asked her what she does. She told me she does pen testing, she then went on to describe what pen testing was, “Penetration testing is the act of running cyberattacks on your own system to find any loops or vulnerabilities (Leary, 2018).” “I only do level one pen testing. The level two pen testing is done by a team of hackers, and a level 2 test much more advanced cyberattack test method (Leary, 2018).”
Hackers mainly tend to target small businesses, due to the fact that it requires less work to hack than say a branch of government. Less work for a decent payoff is attractive to the average hacker; for example, 90% of PC users use Window’s operating system, so a hacker isn’t going to waste their time trying to hack a PC with MacOS. It’s a lot less work, and the reward is more than likely going to be a bigger payoff. Window’s is easier to hack due to it being an open-ended system, whereas MacOS does not leave a lot of room for customization. But what most business owners don’t realize is that small business could actually benefit from ethical hacking. Hiring an ethical hacker would allow a business to create security at all levels and allow all customer data to be protected. If I were a small business owner, I would relish in the fact that I could hire a hacker, to build a network that would deter hackers and protect the system from attacks.
There are many benefits when it comes to ethical hacking, but with that comes a dark side. When it comes to ethical hacking the person typically means well, but there’s always the off chances that the person uses their talents for malicious reasons. Let’s say a hacker sets up the security for a business; said hacker then has the potential to go in later and steal company financial records and customers personal information. This has more long-term effects which, could lead to identity theft, credit card fraud, and could even give the hacker access to a person’s email. So, as I was doing research I found something that interested me. Businesses and people who hire ethical hackers, tend to have a lack of trust. I didn’t think this would be an issue, considering that most times these hackers are doing a complete system overhaul. But, Devon gave me an instance where she as a IT worker/hacker was asked to the wrong thing. “I was told by the IT Advisor to fabricate data to allow our department to seem on scope for the roadmap for 2020 (Leary, 2018).” “When you hire a hacker to work for you, they’re an employee of the company (Top 10 Pros and Cons of Hiring Hackers to Enhance Security, n.d.).” When Devon said this to me, I naturally assumed that everything they did on the clock was fair game. I do believe that there should be rules in place for hackers that are hired on. It’s really up to the business or person to figure out if the pros outweigh the cons. Of, course that is going to vary from person to person.
Doing research on the topic of ethical hacking and talking to Devon, made me think about where I stood on the topic morally. I’m totally for ethical hacking, I think that the pros truly outweigh the cons. I believe that there will come a time when ethical hacking could potentially save the world, I do know that it could stop some of the massive cyberattacks that we have had. Also, the fact that I’m going to school for cyber security speaks volumes, this is what I’m planning to do for a majority of my life. I couldn’t do it, if I didn’t stand behind it 150%.
I found the stepping stones of history interesting, those people made hacking what it is. It was nice talking to someone in the field, very insightful. If someone is thinking about hiring a hacker, they now know what some of the benefits and concerns are.
Writing this paper has made me wonder what ethical hacking will be like in the future. I think ethical hacking will play a bigger role in the future, we’re actually going to need more hackers to come out of the woodwork. The next group of terrorist and bad hackers are growing up strictly in a digital world, we’re going to need young fresh hackers to combat those threats. “Hackers are actually good, pleasant and extremely intelligent people who could keep computer criminals on the run (Soin, n.d.).”
?