How has the role of ethical hacking changed over 20 years?

Ethical hacking has gone from being a controversial weapon in the cybersecurity armoury to the mainstream. How have ethical hackers become "White Hats"?

An ethical hacker, also referred to as a white hat hacker, is an information security (infosec) expert who penetrates a computer system, network, application or other computing resources on behalf of its owners and with their authorisation. Organisations call on ethical hackers to uncover potential security vulnerabilities that malicious hackers could exploit.

The term hacking first started to appear in the 1960s in connection with activities at MIT, which was the leading university in the then-fledgling computer science area. It referred to applying creative engineering techniques to "hack" machinery and make it operate more efficiently. At the time, hacking was considered to be a compliment for those with exceptional skills in computer programming.

By the 1990s the term 'hacking' had lost its more favourable aspects and was beginning to be associated with malicious and damaging attacks on computer programmes. To combat the growth of computer hacking firms began to employ computer experts who may have been involved in the practice earlier in their careers and therefore knew what to look for in potential cyber-attacks. These pioneers became known as ethical hackers or white hat hackers.

Since then, the commercialisation of hacking skills, known as hacking as a service (HaaS), has made cybersecurity more complex. On the positive side, cybersecurity firms and information technology (IT) security vendors have started to offer optional ethical HaaS via contract to corporate clients. However, an underground market is flourishing on the dark web, including online marketplaces for aspiring hackers, often in the pursuit of illegal activities.

The coronavirus pandemic created new avenues of pursuit for cybercriminals. In "The Hidden Costs of Cybercrime," published in July 2020 by the Centre for Strategic and International Studies and security software company McAfee, monetary losses from cybercrime in 2020 were estimated to top $945 billion. In addition, the report estimated that organisations will spend $145 billion on cybersecurity services and technologies this year.

It is clear that the battle against cybercrime is ongoing, complex and expensive with huge money involved on all sides. With the fallout of the COVID pandemic only starting to reveal itself the stakes will only get higher. 


Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security