How has the role of ethical hacking changed over 20 years?

Ethical hacking has gone from being a controversial weapon in the cybersecurity armoury to the mainstream. How have ethical hackers become "White Hats"?

An ethical hacker, also referred to as a white hat hacker, is an information security (infosec) expert who penetrates a computer system, network, application or other computing resources on behalf of its owners and with their authorisation. Organisations call on ethical hackers to uncover potential security vulnerabilities that malicious hackers could exploit.

The term hacking first started to appear in the 1960s in connection with activities at MIT, which was the leading university in the then-fledgling computer science area. It referred to applying creative engineering techniques to "hack" machinery and make it operate more efficiently. At the time, hacking was considered to be a compliment for those with exceptional skills in computer programming.

By the 1990s the term 'hacking' had lost its more favourable aspects and was beginning to be associated with malicious and damaging attacks on computer programmes. To combat the growth of computer hacking firms began to employ computer experts who may have been involved in the practice earlier in their careers and therefore knew what to look for in potential cyber-attacks. These pioneers became known as ethical hackers or white hat hackers.

Since then, the commercialisation of hacking skills, known as hacking as a service (HaaS), has made cybersecurity more complex. On the positive side, cybersecurity firms and information technology (IT) security vendors have started to offer optional ethical HaaS via contract to corporate clients. However, an underground market is flourishing on the dark web, including online marketplaces for aspiring hackers, often in the pursuit of illegal activities.

The coronavirus pandemic created new avenues of pursuit for cybercriminals. In "The Hidden Costs of Cybercrime," published in July 2020 by the Centre for Strategic and International Studies and security software company McAfee, monetary losses from cybercrime in 2020 were estimated to top $945 billion. In addition, the report estimated that organisations will spend $145 billion on cybersecurity services and technologies this year.

It is clear that the battle against cybercrime is ongoing, complex and expensive with huge money involved on all sides. With the fallout of the COVID pandemic only starting to reveal itself the stakes will only get higher. 


Featured Articles

AWS launches 2023 European Defence Accelerator for startups

AWS is launching its European Defence Accelerator, open to startups interested in doing business with defence and national security organisations

Gartner unveils top cybersecurity predictions for 2023-2024

Half of CISOs will formally adopt human-centric design practices into their cybersecurity programmes, while adoption of zero trust architecture will rise

DDoS protection market to grow amid increase in attacks

According to research by Cloudflare, DDoS attacks increased by 109% last year, with the last 12 months seeing some of the largest attacks the world

The impact data poisoning has on cyber and AI

Cyber Security

Five innovative ways AI can help prevent cyber attacks

Cyber Security

SailPoint delivers new non-employee risk management solution

Cyber Security