What is ethical hacking
An ethical hacker (“white hat hacker”) is an information security professional who has the same skills and uses the same technologies as a malicious hacker (“black hat hacker”) to discover vulnerabilities and weaknesses in an organization’s systems.
A black hat hacker operates without the consent of victims, with the goal of financial gain, causing damage, or gaining fame. A white hat hacker or ethical hacker is invited by organizations to help them hack themselves, so to speak, identify security gaps before black hat hackers do, and remediate them.
The evolution of white hat hacking
The first attempts to hack into computer systems were made in the 1960s. In the 1970s, governments and companies set up “tiger teams” whose task was to discover vulnerabilities in telecom and computing systems – the first ethical hackers.
In the 1980s and 1990s, as personal computers became widespread, hacking became a global phenomenon. Gradually the distinction emerged between “black hat” and “white hat” hackers. In 1995 IBM’s John Patrick coined the term “ethical hacking”, and in the years that followed, ethical hacking emerged as a legitimate profession.
Certified ethical hacker (CRH) certification
Certification is crucial in the ethical hacker profession, because there is a fine line between hacking a system legally—to improve cybersecurity, and hacking it illegally. Organizations employing ethical hackers need to be sure they are technically skilled, and use their skills to improve security and not introduce risk or cause damage.
The Electronic Commerce Council (EC-Council), a non-profit organization based in New Mexico, defined a standard certification for the field – Certified Ethical Hacker (CEH). CEH certification or ethical hacking certification allows information security professionals to become legitimate, recognized ethical hackers.
The CEH Certification is highly demanding – it covers a wide range of security concepts, tools and attack vectors, which students must understand in depth. It is accredited by the US Department of Defense (which made CEH certification mandatory for service providers under the US Cyber Defenders Program), the National Security Agency (NSA), and other security organizations.
The certification process
Candidates must pass the CEH exam to become certified hackers. To help prepare for the exam:
- EC-Council offers a CEH Training Program, with 20 training modules covering 340 attack technologies and 2,200 commonly-used hacking tools. There are three Accredited Training Centers (ATC): EC-Council, Pearson Vue Testing Center, and Affinity IT Security.
- The EC-Council website offers a CEH Handbook and CEH Exam Blueprint with practice questions.
- Many organizations, including the Infosec Institute, offer CEH exam prep courses.
- Candidates are encouraged to take practice tests, via EC-Council’s Online CEH Assessment, or the InfoSec Institute’s practice test service, SkillSet.
To be eligible for the exam, candidates must either complete the EC-Council’s training program and show experience in at least 3 of the 5 security domains covered in the exam. Otherwise, candidates must demonstrate two years of information security experience, among other eligibility criteria.
The CEH exam has 125 multiple-choice questions with a 4-hour time limit. The exam is administered via a computer at an EC-Council Accredited Training Center. Members must be recertified every three years to maintain CEH status.
White hat hacking and web application security
Web application security is a central focus in cybersecurity today. Web applications are an attractive target for attackers, and are especially vulnerable, because they have a complex multi-tier architecture, tend to store sensitive private data, and are easy to access from outside an organization.
Certified hackers, with their comprehensive understanding of modern software systems, threat vectors and attack technologies, can be an important security asset. They can help organizations understand the security posture of their web applications, the severity of different threats, and where to invest to effectively improve their defenses.
Penetration testing is growing in importance as a proactive measure used against cyber threats, particularly for mission critical web applications. A penetration test is a simulated cyber attack against a computer system, with the aim of uncovering vulnerabilities and suggesting security improvements. Penetration tests can be performed by information security professionals, or by testers or IT staff within an organization, even if they don’t have a CEH certification.
However, carrying out penetration tests with a certified ethical hacker has important advantages. A CEH can take a broader view of an organization’s systems and the threats it is facing, design more comprehensive tests, and leverage CEH training to provide more detailed reporting of vulnerabilities discovered and security implications.