Honor Among Thieves: Ethical Hacking


This is a sponsored post from Digi-Key. Written by S. Himmelstein.

The relatively new threat associated with hacking conjures visions of cyber attacks resulting in data loss or manipulation, identity theft, financial damage, and other adverse impacts. However, the same skills and tools used by malicious practitioners of such cyber crime can also be used by ethical hackers.

Like a sinister black hat hacker, the ethical white hat hacker unearths vulnerabilities and weaknesses in various systems. The major difference in this role, though, is that hacking skills are applied in a legitimate, lawful manner in order to find and fix system flaws before a cyber-intrusion occurs. As opposed to black hat hackers, who access systems illegally with malicious intent, white hat cyber security sleuths work with companies to help identify weaknesses in their systems and make corresponding updates. Network security is strengthened by this purposeful trespassing, as data doors that may have been inadvertently left open are identified and closed. The increased need for preventive action is driven by the growing threat posed by malware, viruses, and ransomware.

Of course, the power to harness these skill sets to secure infrastructure against potential cyber attacks can also be assumed by those wishing to turn from the dark side. The tale of Kevin Mitnick, whose black hat escapades included breaching the security of Digital Equipment Corporation, Sun Microsystems and other networks, is proof that there may be honor among thieves. Following a five-year prison sentence, Mitnick now heads his own cyber security business, providing security consulting for Fortune 500 companies and government agencies. Who better to fight a hack than the people who know how to launch one? 

Tools of the Trade

An ethical hacker uses port scanning tools, most of which are open source. One example is the Nmap network security mapper, which discovers services and hosts on a network and thereby creates a network map. This software offers several features that assist in probing computer networks, including host discovery and operating system detection. Critical bugs can also be uncovered by Nessus, a remote vulnerability scanner that can detect unpatched services and misconfigurations in addition to weak passwords. SQLMap is another tool that helps security researchers by launching SQL code injection tests against remote hosts. The program enables detection and testing of different types of SQL-based vulnerabilities to strengthen apps and servers, or to report vulnerabilities to different companies.

Armed with these programs, the ethical hacker attempts to evade intrusion detection and intrusion prevention systems, break through firewalls, and hijack web servers. Following the attack, the intention is to implement remedial measures in order to strengthen system security. After the scope and goals of a planned hacking test are defined, scanning is performed to understand how a target reacts to various intrusion attempts. Web applications are attacked using SQL injections, cross-site scripting, and other invasive methods to reveal vulnerabilities and exploit them through theft or traffic interception. This process highlights weak links in a network’s chain. The test findings are used to reconfigure web application firewalls, and the white hat hacker begins again.

Opportunities in the Field

The number of cyber security job openings in the U.S. alone exceeds 300,000. Nearly 769,000 cyber security professionals are currently employed and more than three million cyber security positions are projected to be available worldwide by 2021. Opportunities for training and certification are expanding in concert with this demand as employers increasingly view such credentials as an important measure of proficiency in security engineering.

The Certified Ethical Hacker (CEH) is an intermediate-level credential offered by the International Council of E-Commerce Consultants (EC-Council). CEH credential holders possess skills and knowledge on hacking practices in areas such as footprinting and reconnaissance, scanning networks, enumeration, Trojans, worms and viruses, sniffers, denial-of-service attacks, social engineering, session hijacking, hacking web servers, wireless networks and web applications, SQL injection, cryptography, penetration testing, and firewalls.

The Global Information Assurance Certification program run by the SANS Institute, a provider of cybersecurity education, offers vendor-neutral certifications with courses that require hands-on learning. Penetration Tester certification covers password attacks, vulnerability scanning, web application injection attacks, and other intrusion risks found by forensics-based hacking.
