• Introduction to Ethical Hacking and Penetration Testing

    What is ethical hacking?

    Ethical hacking is one of many types of hacking. A hacker is a person who gains unauthorized access to a computer system or data. There are three types of hackers: black-hat hackers, grey-hat hackers, and white-hat hackers. Firstly, black-hat hackers, often called crackers, break through security illegally. When they do, they encrypt valuable information and often demand a ransom from the company or person whose system they attack. Secondly, grey-hat hackers are individuals who break into a security system without malicious intentions. Their aim is to find bugs and vulnerabilities that they can report, in the hope of being paid as compensation for their time and resources. Although their intentions are good, they break in without permission, so what they do is illegal. Lastly, white-hat hackers are given permission by the company to hack into its systems and explore vulnerabilities before the black-hat hackers do, which is why this is termed ‘ethical hacking’.

    Ethical hacking requires a strong work ethic. An ethical hacker must be authorized to perform any type of penetration testing or assessment. As the term ‘ethical’ suggests, the duties and intentions of the hacker must adhere to the moral principles of the organization that the hacker is working for. This means the hacker's activities must be completely transparent to the employer. The hacker is also bound to report the findings of the assessments and to abide by the non-disclosure agreement, keeping their discoveries confidential.