According to the National Initiative for Cybersecurity Careers and Studies, an ethical hacker “is an information security or network professional who uses various penetration test tools to uncover or fix vulnerabilities.” Many companies and organizations hire ethical hackers to spot vulnerabilities and help improve data security. An ethical hacker’s approach aims to answer three questions. Firstly, they seek to answer what information can an intruder access on a target system. They also look to see what the individual hacker may be able to potentially do with their information. Finally, they determine whether the owners of the target system suspect the intruding hacker’s attempts or successes. An ethical hacker also approaches a system with a couple questions for the client that hires their services. Specifically, they ask to find out what needs to be protected and from what type of interested party. They’ll also ask what kind of money, time, and effort the client is willing to give for protection. Once these questions are answered, the ethical hacker will test numerous systems, including firewalls, wireless security, application servers, network security, and security devices.
The term “hacker” often has a negative connotation, bringing to mind the image of a hooded criminal behind a computer shrouded in darkness. However, the methods employed by criminal hackers to gain illegal access to private information are also being used by ethical hackers to keep data safe. To learn more, check out this infographic created by St. Bonaventure University to learn more.