How has the role of ethical hacking changed over 20 years?

Ethical hacking has gone from being a controversial weapon in the cybersecurity armoury to the mainstream. How have ethical hackers become "White Hats"?

An ethical hacker, also referred to as a white hat hacker, is an information security (infosec) expert who penetrates a computer system, network, application or other computing resources on behalf of its owners and with their authorisation. Organisations call on ethical hackers to uncover potential security vulnerabilities that malicious hackers could exploit.

The term hacking first started to appear in the 1960s in connection with activities at MIT, which was the leading university in the then-fledgling computer science area. It referred to applying creative engineering techniques to "hack" machinery and make it operate more efficiently. At the time, hacking was considered to be a compliment for those with exceptional skills in computer programming.

By the 1990s the term 'hacking' had lost its more favourable aspects and was beginning to be associated with malicious and damaging attacks on computer programmes. To combat the growth of computer hacking firms began to employ computer experts who may have been involved in the practice earlier in their careers and therefore knew what to look for in potential cyber-attacks. These pioneers became known as ethical hackers or white hat hackers.

Since then, the commercialisation of hacking skills, known as hacking as a service (HaaS), has made cybersecurity more complex. On the positive side, cybersecurity firms and information technology (IT) security vendors have started to offer optional ethical HaaS via contract to corporate clients. However, an underground market is flourishing on the dark web, including online marketplaces for aspiring hackers, often in the pursuit of illegal activities.

The coronavirus pandemic created new avenues of pursuit for cybercriminals. In "The Hidden Costs of Cybercrime," published in July 2020 by the Centre for Strategic and International Studies and security software company McAfee, monetary losses from cybercrime in 2020 were estimated to top $945 billion. In addition, the report estimated that organisations will spend $145 billion on cybersecurity services and technologies this year.

It is clear that the battle against cybercrime is ongoing, complex and expensive with huge money involved on all sides. With the fallout of the COVID pandemic only starting to reveal itself the stakes will only get higher. 

Share

Featured Articles

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Magazine speaks with Radiflow’s CEO, Ilan Barda, about converging IT and OT and how leaders can better protect businesses from cybersecurity threats

QR ‘Quishing’ scams: Do you know the risks?

QR code scams, or Quishing scams, are rising and pose a threat to both private users and businesses as cyberattacks move towards mobile devices

Zero Trust Segmentation with Illumio’s Raghu Nandakumara

Head of Industry Solutions at Illumio, Raghu Nandakumara, offers insight into the proposed ban on ransom payments and how businesses can utilise Zero Trust

Is the password dead? Legacy technology prevents the shift

Network Security

Fake Bard AI malware: Google seeks to uncover cybercriminals

Technology & AI

Gartner report highlights threat of supply chain attacks

Cyber Security