Can Hacking be Ethical?

Main Article page | Beauty articles | Health page | Computers| Diseases | Education | Entertainment | Family
Business |Fitness|  Fruits and Vegetables | Jobs | General | Personality| Technology | Tourism | Useful Tips
Biography Page| Heroes & Incredible peoples | Inventions
Computer Main page| Free weekly downloads| Twitter | Printer drivers| Antivirus | Children safety | SMS| Articles

BY Vikrant NathThe term hacking over a period of time has earned negative reputation and has been associated with destructive and undesirable activities. Given the fact that any unauthorized access is considered to be a crime- can Hacking be ethical

Hacker refers to a person who enjoys learning the details of computer systems, stretching out capabilities and employees their hacking skills for offensive purpose. And on the contrary Ethical hackers are the security personnel who employ their hacking skills for defensive purpose.

Jefry, a 10^th standard student is a voracious reader of book related to IT and technology. He is always eager to learn and experiment the techniques that he reads. One day he came across a book named “ ABC of hacking”. Without any single thought he bought the book and started to read and master all the techniques described in the book. He felt that he should get some hands on. He visited a local library and wanted to try his skills in the pretext of searching the database of books. He connected his laptop to the library network and ran some tool in order to find some vulnerabilities or rather the inherent weaknesses in the network so that he can show the report to the concerned authorities and become famous.

Jefry discovered a lot of potential weaknesses and loopholes in the network. Is his action justified or legitimate?

Today organizations are increasingly becoming networked and dependent on computer systems as information is exchange at the speed of thought. Computers are used for accessing, providing and storing of critical information. A company’s information assets differentiate between the profits and the losses and consequently there is a sense of urgency to secure these assets from likely threats and vulnerabilities.

Threats : an action on event that might compromise security and is a potential violation of security. On the other hand Vulnerabilities are the weaknesses or design / implementation error when exposed can lead to an undesirable event compromising the security. Please note some interesting facts that every threat does not lead to an attack and not all attacks results in success. The result in success depends upon the degree of vulnerability, strength of the attack and the extent to which countermeasures are adopted. When vulnerability is exploited it constitutes an exposure. However not every exposure constitutes vulnerability.

For academic interest It is important to learn that there are mainly three types of hackers exists namely; Back Hat hackers are the user who uses their computer skills with malicious intent for illegal purpose. White hat hackers use their skills for defensive purpose where as the Gray hat hackers work both offensive and defensive. Ethical hackers are the ones wearing white and or gray hats.

Once hacker gains control over the user’s system or data they can access all the files / information that are stored on their computer including personal or corporate information, credit card details or customer data. If such information is altered or stolen a company can risk losing its credibility and trust thereby comprising the three critical components of information security which are confidentiality, Integrity and availability.

 Some tips in how to prevent hacking:

1. Use strong password. Never login and use your computer as higher privileged user such as administrator
2. Participate in security awareness sessions
3. Comply and adhere to the organization’s Policies and Procedures.
4. Avoid visiting scam / spammy websites
5. Don’t use default / generic username and password of any software / appliances
6. Update security patches from time to time
7. Secure the unused ports and disabled unused services.
8. Deploy minimum security guidelines / baseline as published by the vendor.
9. Employ security consultants to conduct vulnerability assessment and penetration testing.

Even though Jefry’s intention was honest but his action is considered illegitimate. Hacking into a network/ computer without prior permission from related authorities and a legal clearance from the court of law is considered to be a criminal offence.

( Courtesy: Mr.Vikrant Nath. Extracts from the speech given during Toastmasters session )

Articles