Ethical Hacking is "Hacking to Help"

Our CTO, Ashutosh Bijoor, says “when the system is designed, security has to be in the very foundation of its architecture”. I agree with him. In today's digital world of cryptocurrency, plastic money and digital wealth, where almost everything is on the cloud/internet and skilled hackers can hack from virtually any part of the world. Hacking generally refers to unauthorized intrusion into a computer or a network. Cyber-security ventures predict that hacking or cyber-crime will cost the world $6 trillion annually by 2021. 

Power can used for good or bad purposes, it depends on one’s ethics, how he/she wants to use the tools and powers given to them.

When hacking is done not to harm, but to help in finding security loop holes, threats, vulnerabilities in systems, network or applications it is called ethical hacking. Its analogous  to calling a locksmith to help you out opening your locked house or car. My one and a half year old daughter accidentally locked me out of my house and I had to contact a locksmith to unlock the door to get back in. Technically a locksmith is an ethical hacker, since he gained entry to my house but with my permission.

In general hacking is not good and considered illegal. As per cyber law guidelines, hackers can widely be classified into three categories based on their intent of hacking: 

Black Hat Hackers - Evil Hackers

Also known as crackers, are those who hack in order to gain unauthorized access to a system and harm its operations or steal sensitive information. They not only try to misuse online banking but at times hackers have accessed confidential documents about nuclear plants and prisons in a cyber-attack. 

Grey Hat Hackers – Fun Hackers

They  are a blend of both black hat and white hat hackers. They act without malicious intent but for their fun, they exploit a security weakness in a computer system or network without the owner’s permission or knowledge. I remember when I got married, I hacked my sister in laws computer to know her better even before meeting her.  I thought she would be impressed with my computer skills, but believe me, she was really mad, hence I would say “do not try this at home”

White Hat Hackers - Ethical Hacker

They never intend to harm a system, they hack to help. An  Ethical Hacker is a Good "Bad Guy" like me. Bad guy in terms of breaking into the system and “cracks” the passwords but with a good intention in mind. My spouse forgot her email password, I hacked using dictionary attack and she was really impressed and I still remember I got a very nice dinner that day. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers. This information is then used by the organization to improve the system security, so as to minimize or eliminate any potential attacks.

I fall in this category. During the 2019  Accion Global Innovation Summit, I did a presentation on ethical hacking with a live demonstration of hacking a gmail account using the Brute Force Attack or dictionary attack and shared security aspects to project it getting hacked. 

Prevention is better than cure. We at Accion focus fundamentally on the security aspect of software before considering performance, scalability, maintainability or aesthetic aspects of our customer application. We suggest and implement changes required to make our customers application secure against any kind of attacks by doing ethical hacking.