According to Media Wiley (n. d), Ethical hacking can be defined as the practice of breaking into an organizations computer system without any malicious intent. Ethical hacking is intended to sturdy and analyzes the security of information systems as well as the possible remedies for such security threats.
Ethical hacklers are individuals who are known to have strong programming, and computer networking skills. Before conducting a system security audit, the ethical hacker must plan himself and create a plan of action that will ensure the success of the ethical hacking test (Palmer, 2001).
The following are some of the steps that are involved in an ethical hacking plan;
- Identifying all the networks that are going to be tested
- Developing a testing interval
- Developing the testing processes
- Creating a plan, and sharing it with the relevant stakeholders
- Getting the plan approval
In 1970, the United States government employed the services of experts who were known as “red teams” to hack into its computers, in order to determine the system vulnerabilities.
Ever since the inception of the ethical hacking concept in 1970, the term has gained considerable usage in the past as well as in the current computer systems. For example, large companies such as IBM, maintains a team of highly qualified ethical hackers who maintain their systems.
Ethical hacking to some extent has some benefits associated with it. Some scholars argue that, ethical hacking has some disadvantages and dangers (Fadia, 2003).
This essay is going to critically evaluate the advantages and dangers associated with ethical hacking.
The sprout growth of internet has brought various good things such as collaborative computing, social networking, e- commerce, educational materials and products, e-mail services and advertising products among many. With the above spontaneous dynamics in the use of technology and the internet, there is an increased concern about the security of information (Khare, 2006).
Many governments institutions, individuals, private companies, and organizations would love to be part, and parcel of this revolution, but they are afraid that their web servers might be hacked by malicious hackers. Malicious hackers break into an organization web server and corrupt an organization website.
They might replace information on a company’s website with pornographic materials. Hackers might also read a company’s e-mails, steal user’s credit card details, or implant software that can read a company’s secrets and transmits them to the open internet (Elizabeth & Kitchen, 2010).
In order to guarantee the security of organizations information on the internet, then, the organization needs to be aware of the available security threats hackers pose. One way of doing so, is by having a qualified and trusted ethical hacker perform a security and hacking test on the organizations data (Elizabeth & Kitchen, 2010).
As earlier stated, the security of an organizations data is very important, and organizations should try to enhance data security especially over the internet. One such way of guaranteeing internet and computer system security is by conducting an ethical hacking test. Even though ethical hacking has some advantages associated with it, it has some disadvantages and flaws associated with it.
The advantages of ethical hacking
The following are some of the advantages associated with the use of ethical hacking in an organization.
- It helps fight terrorism and national security breaches
- Leads to a computer system that prevents malicious hackers gaining access to an organization data.
- Leads to adoption of preventive measures.
It helps fight terrorism and national security breaches
Ethical hacking has been known to help fight terrorism and national security breaches in a country. Ethical hackers will always hack into websites of various terrorist groups and obtain information regarding the activities of the group.
Such hackers will obtain information regarding the activities the terrorist group is planning. Such information is paramount and important towards fighting terrorism activities. Various security measures are taken by the relevant stakeholders to ensure the terrorists do not go on with their plans (Elizabeth & Kitchen, 2010).
Also, ethical hacking helps fight against national security breaches. A national security breach may be an act like hacking into a countries police force computer system in order to gain information for malicious use.
Ethical hacking eliminates the cases of national security breaches because it ensures that, an organizations computer system is more secure and robust and less prone to malicious hacking threats.
After conducting an ethical hacking process, an organization is able to develop sound security measures that will prevent malicious hacking, hence, reducing cases of national security breaches (Elizabeth & Kitchen, 2010).
Leads to adoption of preventive measures
One major aim of conducting ethical hacking is to determine the various loopholes and security lapses in an organization’s computer system. After conducting an ethical hacking test, relevant measures can be adopted that will ensure security of organization information (Farsole & Kashikar & Zunzunwala, 2010).
For example, the recent hacking of the International Criminal Court email system by some hackers prompted the ICC to develop and adopt measures that guarantees maximum information security.
Also, the hacking of the Kenya police force website prompted the government of Kenya to adopt relevant measures that guaranteed the security of the police force information.
The government set up an internet crime response task force that was mandated with monitoring any hacking attempts to the Kenya police force website. Also, the government adopted a security measure where by users are supposed to create an account on the police force website in order to access vital information of the police force.
Leads to a computer system that is secure
Another aim of conducting ethical hacking is to identify the flaws that are in the current computer system. Data and results obtained from an ethical hacking exercise can be used to identify the loopholes and flaws in an organization computer system. Such flaws are then rectified and the end result is a robust and more secure system (Farsole & Kashikar & Zunzunwala, 2010)
For example relevant software and hardware will be added to the computer system in order to boost the security level of the computer system.
For example, a company might decide to install more firewalls in its computer system as well as adopt other security measures like using of user accounts. Also, some measures like user authentication in order to identify what users are assessing on the company website.
Dangers of using ethical hacking
There are some dangers and risks involved in ethical hacking. The following are some of the dangers which are associated with ethical hacking;
- The ethical hacker might use the information to do malicious acts
- Exposes a company financial and banking details
- Ethical hackers may place a malicious code, malware, or viruses in the computer system.
The ethical might use the information to do malicious acts
Ethical hacking is an exercise that entirely depends on the honesty and integrity of the ethical hacker. If the ethical hacker is trustworthy, then the security of data is guaranteed. On the other hand, if the ethical hacker is untrustworthy, then, an organization data is at risk.
The ethical might use the information obtained from an ethical hacking exercise to damage the company or develop a similar system. This is detrimental to an organization since it threatens the organizations autonomy over its information. Not all ethical hackers are trustworthy; hence ethical hacking poses a great danger to the security of organization information (Palmer, 2001).
Exposes financial and banking details of a company
It is every organization aim to make profits and stay at the forefront in terms of competitive advantage. Hence some organizations are ready and willing to do anything at the expense of making and staying at the forefront in terms of competitive advantage. Ethical hacking exposes a company’s financial and banking details to people who are conducting the ethical hacking exercise (Elizabeth & Kitchen, 2010).
Some ethical hackers may sell this kind of information to other companies who are undertaking similar business. This puts the organization at the brink of collapse since the company success secretes are known.
This secretes can be used against the company to completely destroy it, hence ethical hacking has a danger of exposing a company’s financial, banking and success secrets to potential competitors (Khare, 2006).
Ethical hackers may add a malicious code into the computer system
Some ethical hackers are untrustworthy and might at one point add a malicious code, virus or malware into an organizations computer system. Viruses and malware are programs which are designed to alter the normal operations o a program without the knowledge and consent of the user.
Such viruses and malware will corrupt the normal operation of a program and might as well lead to low system performance. Also, malicious codes can corrupt the data and files making which might lead to data loss (Elizabeth & Kitchen, 2010).
In conclusion, with the increasing internet usage and increased applications on internet, the security of data is quite important. In order to guarantee data security, an organization needs to understand how to counteract the threat posed by malicious hackers. One such way is to conduct an ethical hacking exercise which is aimed at identifying the loopholes within a computer system.
Ethical hacking is purely based on the trust and honesty of the ethical hacker, hence, when entrusting the task of ethical hacking in the hands of an ethical hacker, it is of great importance that an organization should carefully select a trustworthy individual to conduct the exercise.
The main focus and goal of ethical hacking should be geared towards improving system security and note unmasking a company’s secretes. Organizations should also be at the forefront in adopting new technologies that guarantees maximum information security.
The adopted measures should be in-line with the new advances that are being experienced in the information and communications technology field. Organizations should not maintain the status quo but should instead be at the fore front in adopting continuous improvements in its processes.
Elizabeth, R & Kitchen, C. (2010). Ethical hacking; Understanding the benefits, Goals and Disadvantages. Retrieved from https://www.brighthub.com/internet/security-privacy/articles/77412.aspx
Fadia, A. (2003). Unofficial guide to ethical hacking. S. l: Premier.
Farsole, A & Kashikar, A & Zunzunwala, A. (2010). Ethical hacking. International journal of computer applications, 1(10), 229-380.
Khare, R. (2006). Network security and ethical hacking. Beckington: Luniver Press.
Media Wiley (n. d). Introduction to Ethical Hacking. Retrieved from http://media.wiley.com/product_data/excerpt/4X/07645578/076455784X.pdf
Palmer, C. (2001). Ethical hacking. IBM SYSTEMS JOURNAL, 20(3)