Ethical hacking as a career

Parthajit DholeyInformation Technology

2nd yearA-70

Last year ethical hacking was estimated to be a US$ 3.8 billion industry in the US alone.

According to Nasscom, India will require at least 77,000 ethical hackers every year

But we are producing only 15,000 in a year, currently. Ethical hacking is growing at a tremendous pace and offers a plethora of lucrative job opportunities

Want to be an ethical hacker??

Types of hacker:

White Hat: breaks security for non-malicious reasons.

Black Hat: violates computer security for little reason beyond maliciousness or for personal gain

Grey Hat: A grey hat hacker is a combination of a black hat and a white hat hacker

Elite Hacker:

Script Kiddie: non-expert who breaks into computer systems by using pre-packaged automated tools written by others

Neophyte: new to hacking or phreaking and has almost no knowledge or experience of the workings of technology

and hacking.

Blue Hat: someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed.

Hacktivist: utilizes technology to publicize a social, ideological, religious or political message.

Nation state: Intelligence agencies and cyberwarfare operatives of nation states.

Ethical Hacker

An ethical hacker is usually employed by an organization who trusts him or her to attempt to penetrate networks and/or computer systems, using the same methods as a hacker, for the purpose of finding and fixing computer security vulnerabilities. Unauthorized hacking (i.e., gaining access to computer systems without prior authorization from the owner) is a crime in most countries, but penetration testing done by request of the owner of the victim system(s) or network(s) is not.

Ethical hacking and a ethical hacker are terms that describe hacking performed to help a company or individual identify potential threats on the computer or network. An ethical hacker attempts to hack their way past the system security, finding any weak points in the security that could be exploited by other hackers. The organization uses what the ethical hacker finds to improve the system security, in an effort to minimize, if not eliminate, any potential hacker attacks.

How can a hacker be ethical? It turns out that many companies hire these experts to purposefully hack systems in order to pinpoint problems in security measures before their less-ethical counterparts get the chance. You can even become a Certified Ethical Hacker (CEH), a professional who’s tasked with network policy creation, intrusion detection and virus creation.

First and foremost is the ability to write programmes in many programming languages like C, C++, Perl, Python, and Ruby. For those working with web applications, Microsoft .NET and PHP are vital.

Knowledge of assembly language is also essential for those who want to analyse disassembled binaries. Knowledge of a variety of operating systems (Microsoft Windows, various versions of Linux, etc.) is critical.

Experience with various network devices, including switches, routers and firewalls is also important. An ethical hacker also should have a basic understanding of TCP/IP protocols such as SMTP, ICMP and HTTP.

In addition to technical skills, an ethical hacker needs good soft skills. Perhaps the most important skill, however, is adaptability. When testing software and systems, ethical hackers never know what will come up, so the ability to be resourceful is vital.

Skillset required:

Types and Techniques:

Vulnerability scanner:

Password cracking:

Packet sniffer:

Spoofing attack (Phishing):

Rootkit:

Social engineering:

Trojan horses:

Computer virus:

Computer worm:

Keystroke logging:

Tools and Procedures:

The information security industry is going at a current worldwide growth rate of 21%. Frost & Sullivan have estimated that there are 2.28 million information security professionals worldwide which is expected to increase to nearly 4.2 million by 2015. The need for information security for security compliance in India is mandatory for all companies with an IT backbone. The requirement for such personnel is especially high with organisations in the IT/ITES space.

Growth areas:

Conclusion: Remuneration: A fresher may work as an intern for a couple of months and can start with a minimum of Rs 2.5 lakh per annum. With one year of experience, one can expect upto Rs 4.5 lakh per annum. Those with work experience five years or more can get from 10-12 lakh per annum.

Why It’s a Job of the Future : With a median salary of $92,200 per year, these moral intruders can lead a very comfortable life. But some worry that ethical hackers have the potential to go “rogue” and take their considerable skills over to the dark side, which may be why the job isn’t yet mainstream. Frey says that, in order for ethical hackers to ever be widely accepted, we need to officially distinguish between what is and isn’t ethical. For instance, does an ethical hacker have the right to distribute information that he accesses through his position? “This [privacy vs. transparency] debate won’t go away anytime soon,” Frey adds. “We need to establish ground rules.”

Thank you…