Current dictionaries include two definitions of hacking:
- To cut with rough or heavy blows;
- To gain unauthorised access to a computer system.
Today, young and old alike are all familiar with the term ‘hacking’. In either definition provided by the dictionary the word has largely aggressive connotations, and most of us associate hacking with criminal activity.
When many of us think of a hacker, our imaginations lean towards cliché: perhaps a dark room, with a pair of glasses reflecting a scroll of code from a monitor? With Hollywood and some sections of the press perpetuating this stereotype, many of us have a pre-established idea of what hacking, and hackers, look like. But clichés aside, the risks can be very real.
We live in an era defined by software, systems, technology, and data; the Information Age. Instead of cracking a safe, and using a getaway car to make off with your valuables, modern criminals can employ the same principles without needing to be at the same physical location. With increasing frequency, news stories are focussing on data security breaches, and names such as Julian Assange, Wikileaks, and Anonymous are making headlines. But when so much of our modern lives are digital – from our private conversations, to our workplace records - how can we ensure our protection?
Notable cases including the Sony Pictures security breach, and the 2015 celebrity hacking scandal have crept into the public frame of reference. Even entire countries are at risk – in 2007, Estonia was hit by several waves of DDoS attacks, crippling everything from education and media, to central government, damaging the economy and affecting daily life over a three week period.
Often the aims are financial; a target of $950 million would have made the Bangladesh Bank Heist the largest in history, though was narrowly thwarted by an employee. Sophisticated ransomware such as ‘WannaCry’ crippled organisations worldwide by exploiting flaws in an older operating system, causing significant damage. However, money is not the only asset vulnerable to attack; all kinds of records, images, and other sensitive data could be targeted depending on the aims of the attacker, which include revenge.
Equally nefarious, but shrouded in far more secrecy are the cases of cyber espionage and cyber warfare. What are the implications of national-scale breaches? What are the risks, and solutions?
They go by many names: ethical hackers; penetration testers; ‘white hats’. Some do it for glory, whilst others do it for financial gain. Their aim is to expose the faults and flaws in a security system – before it’s too late.
Most ‘white hat’ hackers work for computer security agencies, providing reports or training. Typically, these experts will work from within a company, and operate with the company’s full knowledge, to deliver reports on the threats and weaknesses faced. From time to time, these hackers may also be used to expose cases of fraud.
The so-called ethical hacker is someone with the same technical skills and abilities as the cyber criminals they try to defend against. They often court as much controversy as they do praise, with some claiming that they are simply bad criminals trying to make amends. The profession, however, is finding relevance and credibility as the digital world pervades.
However, those which blur the lines between good and bad are this era’s interpretation of the vigilante: sometimes known as ‘grey hats’ or ‘hacktivists’, they might hack a company to point out the flaws in their security, though their actions are still illegal. With some famous examples, ‘hacktivists’ such as the group ‘Anonymous’ and ‘J3st3r’ have been making headlines for their political stance, targeting forums, organisations, and governments. Opinions of them range from modern Robin Hood-types to a digital lynch mob.
The list of those vulnerable to attack includes, well, everybody. So who will maintain order, and protect against harmful hackers?
In these times, companies and corporations, individuals, and even entire countries should know which measures to take to protect their data from hacking. Every size of organisation should employ adequate security measures, and due to this being an issue of increasing importance, there is a growing demand for candidates with skills in this field.
Whilst the threat of remote hacking is scariest, the possibility of physical data theft – taking the hardware on which the data is stored - is still very much prevalent. Therefore maintaining adequate physical - as well as digital - safeguards is important. So those tasked with protecting their organisation’s data should be mindful of internal and physical threats, as well as those external and electronic.
Which hat will you wear? If you’re interested in taking up arms in the struggle to protect our data falling into the wrong hands, consider studying towards a rewarding career with MSc IT Security Management.
BSc (Hons) Computing
Develop one of the most sought-after skill sets in modern business and gain the technical know-how needed to work in IT across any industry.