The opposition between hacker and ethical hacker
"When George Mallory (who disappeared on the world's highest mountain in 1924) was asked why he wanted to climb to the top of Everest, he said, "Because he's here."
In these 4 words, you have the perfect summary of the taste of the challenge.
Solving a problem, overcoming a difficulty, can sometimes be enough to motivate someone to throw time and energy into the battle. Computer science in the general sense is no deviating from this approach, let alone cybersecurity. To say once that your company's technology, infrastructure, system or other is inviolable and a horde of "challenge snags" will do everything possible to contradict this assertion by example. benoit Meulin, a specialist at F-Secure France.
This article will also interest you: Black Hat vs White Hat Hacker
Today the challenge does exist. But to talk about challenge we also have to talk about skills. The ability to know how to act and react in a certain way learn your opponent against the odds. In his summary on the situation Benoit Meulin states "You acquire skills, you discover and forge knowledge, you buy the tooling (let's be honest: you download it) but ingenuity and creativity are innate and are as precious as they are rare. People who do know this and have many ways to take advantage of it. And that's where the difference takes place! ».
To determine today the field of expertise of hacking specialists, several platforms, several means is now to be disposed of. Indeed, we are now talking about "slopesting", "Bug Bounty" or "Red Teams", etc. On the other side of the scale, it is not uncommon to hear these notions often such as "Black-hat" "white-hat", etc. Here everything is encompassed whether it is the methods used in a legal framework or the limited practices of legality. However, all of these are aimed at one goal: to find security vulnerabilities in a computer system and take advantage of them. In other words in and prove computer security.
What differentiates an ethical hacker from a hacker is of course the objective. Generally, the reason for the action is taken is to determine the position of the individual in question. However, this is not so simple, taking into account some very important aspects of legality. "Between these two extremes we realize that the line can be quickly crossed, because it is not that drawn. One can decide, with the best intentions of the world, to hack a site to demonstrate its low security without seeking to gain any enrichment. In fact, it starts with a good feeling and it will do everyone a favour, but it is illegal. ». Explains Benoit Meulin.
However, this clear and clear distinction can be made. The ethical hacker is on the side of the law. He does everything in accordance with it and agrees to submit to a set of conditions. We exchange he is paid for it. On the other hand, we do not respect the law even if the tension and tension are not often. We do things according to his way of seeing and in all conditions we can be punished when we are caught on the facts.
Moreover, it does not prevent only on the field of digital. Even at the level of what often seems to be on the side of the law: "Within this great family of cybersecurity, communities are being created to thwart attacks by other cyber communities. As in a real game of gaming two teams compete to try to prevent an "invasion" We can speak here of invasion because companies and organizations of all orders and all sectors manipulate, harvest, expose and distribute data, sensitive or not and marketable or not. F-Secure France specialist.
This power play makes it difficult today to distinguish between ethical hacker and cybercriminal. But one way of saying that this does not bother some organizations.
Now access an unlimited number of passwords: