People often ask me, "Why are you training hackers? Isn't that illegal?" Although I usually give them a short version of this post, there are MANY reasons why YOU should be studying hacking.
Before I begin, I want to re-emphasize to all of you that hacking is an elite profession. Hackers are among the top of the heap in the IT industry. Before you ever begin studying hacking, you should ideally have a firm grasp of computer operations, Linux, networking, coding, and hopefully, a bit of operating system and application architecture.
One doesn't begin hacking without a strong background in these other IT skills. If you do, you will likely give up frustrated. Hacking takes years of study and practice to become proficient at, and if you try to take shortcuts, you will likely fail, or worse—spend a few years in "Club Fed."
The hacker's skills are increasingly sought after in many corners of our profession. Here are just a few.
Penetration Testing
Penetration testing is essentially legal hacking. Organizations hire penetration testers to test the security of their information systems. These penetration testers use all the skills of a hacker to try to "penetrate" or hack these systems.
In this way, the company can find the weaknesses in their systems before the malicious hackers around the world do. There is a tremendous shortage of skilled penetration testers, and the pay is VERY good.
Security Industry
The information technology security industry continues to expand rapidly as more and more commerce goes to the web and more and more security incursions take place. Information security has become big business and they can not get enough well-trained people.
A hacker is highly regarded among this industry as ONLY the hacker understands the true vulnerabilities of information systems. The better one understands the weaknesses of these complex systems, the better they can defend them.
So many IT security professionals have never hacked a system and, as a result, have no idea on how to protect them. Some of the highest paid individuals in this industry are former hackers.
Private Investigator
Increasingly, private investigators are employing hackers to gather information and evidence in their investigations. Although, at times, this may straddle the lines between legal and illegal hacking, it is important to note that this is sometimes the only way to gather evidence on many critical cases.
In most cases, hackers are used by private investigators as contractors to insulate themselves from possible liability. This can be a lucrative employment, but also very risky.
Forensic Investigator
Forensic investigators are employed by law enforcement, incident response teams of major companies, and information security firms. Who better to trace the tracks of a hacker than someone who knows how to hack?
Learning to hack gives the forensic investigator the mindset of the intruder, as well as understanding what happened and what clues, evidence, or artifacts must be left behind after a cyber attack or other criminal activity.
Check out my past Forensics series, and current Kali Forensics series, to see some of the things that digital forensics involves.
Cyber Espionage
Spy agencies around the world are employing and looking for more and more hackers to spy on their adversaries. In the U.S., the CIA, NSA, FBI, and numerous other three letter acronyms are using hacking techniques to foil terrorist attacks, spy on the foreign adversaries, and keep track of their own citizens.
Check out my next series on hacking to spy for more on this type of profession.
Cyber Warfare
In the digital era, warfare is rapidly evolving from being primarily one of guns, tanks, missiles, and bullets to cyber warfare. There is a constant undertone of cyber warfare going on every day between adversaries around the world. Whether it be the rebels in Indonesia fighting their oppressive government, the Arab spring, Indian vs. Pakistan, Russia vs. Ukraine, etc. All of these conflicts involve an element of cyber warfare.
Not only is cyber warfare used to spy on the adversary, but often times it is used to disable critical infrastructure. If I can disrupt the critical supply lines of my adversary, I can make it very hard for them to fight if food, water, and ammunition supplies are disrupted digitally. In addition, disruption to such domestic services as electricity, water, water treatment, and communication to my adversaries' citizens is only going to weaken and dispirit them.
Probably the most sophisticated cyber warfare attack to date was the U.S.'s release of the Stuxnet worm. This advanced worm burrowed into the Iranian uranium enrichment facility to disrupt their ability to enrich uranium for their nuclear ambitions.
Just this last month, August 2014, the major banks in the U.S., including J.P Morgan Chase, were hit by a cyber attack from Russia. It is believed that this cyber attack was in response to the banks cooperating with the U.S. sanctions on Russia for the invasion of the Ukraine. This is simply an indication of how the game of international politics is played in 2014, with cyber attacks, aka hacking.
Authoritarian Government Resistance
Of the millions of people who read Null Byte, many of you are living in countries with authoritarian and abusive governments. Many of these governments will try to limit the use of the Internet to limit free speech and expression, while others will use the Internet as a means of repression. In these cases, having the skills to resist such abuse can be critical to you and your people's freedom.
Network or System Administrator
As a hacker, you need to understand how digital systems work and interoperate. That understanding is often far beyond that which is necessary to be a network or system administrator. These IT personnel are often only taught to "click here, then click here, and then click here..." without a full understanding of the system and functionality they are working with. The hacker is often much better equipped to run these systems because they understand how the systems work and interact, what their weaknesses are, etc.
These are just few of the reasons on why you should be studying to be a hacker. Keep coming back to Null Byte, my budding hackers, because you'll learn a lot of the skills needed to be an abled hacker in any of these professions.
No comments:
Post a Comment