We humans are highly tech savvy in today's times with the extensive use of the internet and modern technologies there is a massive challenge in protecting all our digital data such as net banking information account credentials and medical reports to name a few have you heard about the deadly one a cry ransomware attack the attack happened in May 2017 in Asia and then it spread across the world within a day more than 230,000 computers were infected across 150 countries the one equai crypto worm encrypted the data and locked the users out of their systems for decryption of the data the users were asked for a ransom of 300 to 600 dollars in Bitcoin the users who use the unsupported version of Microsoft Windows and those who hadn't installed the security update of April 2017 were targeted in this attack the one a cry attack took a toll on every sector top-tier organizations like Itachi Nissan and FedEx had to put their businesses on hold as their systems were effective - now this is what you call a cyber attack to prevent such attacks cyber security is implemented we can define cyber security as the practice of protecting networks programs computer systems in their components from unauthorized digital attacks these illegal attacks are often referred to as hacking hacking refers to exploiting weaknesses in a computer network to obtain unauthorized access to information a hacker is a person who tries to hack into computer systems this is a misconception that hacking is always wrong there are hackers who work with different motives.
let's have a look at three different types of hackers blackhat hackers are individuals who illegally hack into a system for a monetary gain on the contrary we have white hat hackers who exploit the vulnerabilities in a system by hacking into it with permission in order to defend the organization this form of hacking is absolutely legal and ethical hence they are also often referred to as ethical hackers in addition to these hackers we also have the grey hat as the name suggests the color gray is a blend of both white and black these hackers discover vulnerabilities in a system and report it to the system's owner which is a good act but they do this without seeking the owner's approval
Sometimes gray hat hackers also ask for money in return for the spotted vulnerabilities now that you have seen the different types of hackers let's understand more about the hacking that is legal and valid ethical hacking through an interesting story dan runs a trading company he does online training with the money his customers and best everything was going well and Dan's business was booming until a hacker decided to hack the company's servers the hackers stole the credentials of various trading accounts he asked for a lump sum ransom in exchange for the stolen credentials Dan took the hackers words lightly and didn't pay the hacker as a result the hacker withdrew money from various customers accounts and Dan was liable to pay back the customers Dan lost a lot of money and also the trust of his customers after this incident Dan gave a lot of thought as to what could have gone wrong with the security infrastructure in his company he wished there was someone from his company who could have run a test attack to see how vulnerable systems were before the hacker penetrated into the network this was when he realized he needed an employee who thinks like a hacker and identifies the vulnerabilities in his network before an outsider does to do this job he hired an ethical hacker John John was a skilled professional who worked precisely like a hacker in no time he spotted several vulnerabilities in Dan's organization and closed all the loopholes hiring an ethical hacker helped Dan protect his customers from further attacks in the future this in turn increased the company's productivity and guarded the company's reputation so now you know hacking is not always bad John in this scenario exposed the vulnerabilities in the existing network and such hacking is known as ethical hacking.
Ethical hacking is distributed into six different phases let us look at these phases step by step with respect to Al John our ethical hacker will act before launching an attack the first step John takes is to gather all the necessary information about the organization's system that he intends to attack this step is called reconnaissance he uses tools like in map and H ping for this purpose John then tries to spot the vulnerabilities if any in the target system using tools like in map and expose this is the scanning phase now that he has located the vulnerabilities he then tries to exploit them this step is known as gaining access after John makes his way through the organization's networks he tries to maintain his access for future attacks by installing backdoors in the target system the Metasploit tool helps him with this this phase is called maintaining access John is a brilliant hacker hence he tries his best not to leave any evidence of his attack this is the fifth phase clearing tracks we now have the last phase that is reported in this phase John documents a summary of his entire attack the vulnerabilities he spotted the tools he used and the success rate of the attack looking into the report John is now able to take a call and see how to protect his organization from any external cyberattacks
Don't you all think John is an asset to any organization if you want to become an ethical hacker like John then there are a few skills that you need to acquire first and foremost you need to have a good knowledge of
- Operating environments such as Windows, Linux, UNIX and Macintosh
- You must have reasonably good knowledge of programming languages such as HTML, PHP, Python, SQL and JavaScript
Networking is the base of ethical hacking hence you should be good at it ethical hackers should be well aware of security laws so that they don't misuse their skills finally you must have a global certification on ethical hacking to successfully bag a position of an ethical like John
Few examples of ethical hacking certification are certified ethical hacker certification C/EH, CompTIA penTest+, and L/PT(license penetration tester) certification to name a few simply learn provides a cyber security expert master's program that will equip you with all the skills required by a cyber security expert
In which phase of ethical hacking will you install backdoors in the target system ?
- Scanning
- Maintaining access
- Clearing tracks
- Reconnaissance
The endless growth of technologies in this area is directly proportional to the number of cyber crimes cyber crimes are estimated to cost six trillion dollars in 2021 hints to tackle these cyber crimes organizations are continuously on the lookout for cyber security professionals the average annual salary of a certified ethical hacker is ninety one thousand dollars in the US and approximately Rou pays seven lakhs in India so what are you waiting for get certified and become an ethical hacker like John and put an end to the cyber attacks in the world we hope you found this informative and helpful.