What Is Ethical Hacking?
✅ Paper Type: Free Essay | ✅ Subject: Philosophy |
✅ Wordcount: 2073 words | ✅ Published: 18th May 2017 |
Nowadays any kind of information for every single person in the world is held in database somewhere in the world. Every company and organization works with, stores and uses personal information of some kind every day. This makes them responsible for its unassailability but because of the big number of the skilled IT professionals who have interest of stealing that information and use it for other purposes the companies cannot assure its safety.
This is where the ethical hackers and the ethical hacking comes in to play. They are employed by companies to test its system’s security. They use Ethical Hacking to penetrate the system in order to find any weaknesses that can be used to gain unauthorized access to the system.
What categories can hackers fall into?
There are three types of Hackers. The first one is the one that is known all around the world under the same name which is Hackers. The second one is Ethical hackers.
The third one that is widely confused with the hackers is Crackers.
The Hackers are passionate and enthusiastic programmers who believe in the freedom of sharing information as well as their experience by writing free software and facilitating access to information and computing resources wherever possible. [1]
Ethical Hackers or in other words computer security consultants are people who are using the information provided by the hackers as well as some extra skills, for defensive purposes.
These Crackers are people who take advantage of the hackers’ work and use the information provided from them for criminal purposes. Therefore the hacker community calls these destructive computer users crackers. [1]
As well as the solid understanding of programming languages, computer networks and operating system concept the ethical hackers (security consultants) must have variety of skills in order to make them reliable and trustful employees. Some of them have: Professional, Lawful / Legal, Patient, Methodical, Adaptable / Versatile, Good verbal / written communications, Efficient, Experienced, Interested in Technology, Team work, Logical Mind, Researching Skills, Business knowledge, Organized and Confident.
Get Help With Your Essay
If you need assistance with writing your essay, our professional essay writing service is here to help!
Find out more about our Essay Writing Service
In my opinion, the most important skill is Honesty / Integrity, because in most of the cases while testing systems they will discover sensitive information for the client that can have negative impact of its business if published or if handled improperly. Professionalism and logical thinking are also critical for setting up the environment for testing such as remote network, using strong cryptography to protect electronic results and so on.
It is essential for them to have a lot of patience and self-drive to do their job properly, because some system may take up to several weeks to test, teamwork is a very beneficial skill to have because it helps to divide the workload.
There are many aspects that make computer knowledgeable person Ethical Hacker and some of them are:
• Ethics
• Moral
• Culture’s religious beliefs
• Social beliefs
• Economic beliefs
• Limitation of law
I will briefly discus these aspects individually to get better understanding of them and then I am going to discuss the impact that they may have in the life of the Ethical Hacker.
Ethic, morality and the link between them
What do we mean by Ethics?
“The field of ethics (or moral philosophy) involves systematizing, defending, and recommending concepts of right and wrong behaviour.” [2] More simply, one could say it is the study of what is right to do in a given situation.
What do we mean by Moral?
“Morality involves what we ought to do, right and wrong, good and bad, values, justice, and virtues. Morality is taken to be important, moral actions are often taken to merit praise and rewards, and immoral actions are often taken to merit blame and punishment.” [3]
Most of the people are facing ethical and moral challenges often in their everyday life but the ethical hackers are challenged with them all the time in their career. One example can be that, many hackers argue they follow an ethic that guides their behavior and justifies their break-ins. They indicate that all information should be free and therefore there is no such thing as intellectual property, and no need for security. [4]
From the other hand if all information should be free, the privacy will be no longer possible. Additionally, our society is based on information whose accuracy must be provided, hence free and unrestricted access to such information is out of the question. [4]
From security point of view actual break-ins illustrate security problems to a community that will not otherwise notice those very problems. This can be useful to a lot of companies that are responsible for very sensitive information. If we look at this problem from different moral prospect, if the vulnerability of the system is reported and explained to the administrators responsible for the security or the owner of the company that would illustrate the problem as well, which means breaking in cannot be justified. [4]
Should burglars be allowed to break into houses in order to demonstrate that door locks are not robust enough?
Other often excuse of the hackers is that they are simply making use of idle machines. Because a system is not used at its full capacity, the hacker is somehow entitled to use it.
Clearly, unauthorized person who get access to machine that is not his own property is not in position to properly qualify if the system is being used to the full of its capacity or not, because unused capacity is often present for future needs and sudden surges in system activity. [4]
Cultures religious beliefs
The links between Ethics and Morality in the life of ethical hacker is something very important. Although it may looks like the people using the same kind of religion should have the same understanding of Ethics that is not the case in most of the time. The Ethics is understood differently by every single person in the world. A lot of people believe all the religious in the world are identical and they teach us the same values of life, not to hurt other people and to live in peace with the nature. As many people know that this is not the case in reality, explicit example of that are the standoffs between some of the major religious groups in the world such as: Catholics and Protestant Christians, Sunni and Shi’a Muslims, and Orthodox and modern Jews. [5]
Social and economic beliefs
The brain in the human been is like the operation system of computer, it control and manages all the processes in the body. But the brain has no mechanism of discrimination, it cannot tell you what is relevant or less relevant except experience. Genetics has nothing to do with greed and business they do not control values, our behavior and values are reflective to the culture we are exposed to. [6]
Limitation of law
The law is what determines the boundary that anyone should work in. When it comes to computer crimes there is different law in every country around the globe, some of them do not even have such a law in place. I will briefly look at the UK Computer Misuse Act (1990) and Data Protection Act (1998). Because of the impact the local law can have, every ethical hacker who wants to operate in UK must be aware of what is classified as a legal, what as illegal and what are his/her rights. Some of the laws and the way they have been applied slightly changed since the Budapest Convention on Cybercrime that took place in 2001.
The Budapest Convention on Cybercrime is a place where representative from every country wishing to take a part are gathered to discuss the cyber problems. Its aim is to introduce common criminal policy, emphasize the importance of better investigative techniques and the importance of cooperation among nations. [7]
The convention on cybercrime divides the computer misuse to 6 main areas:
• Computer Fraud
• Computer Forgery
• Damage to Computer data or Computer Programs
• Computer Sabotage
• Unauthorized Access
• Child Pornography
Computer fraud – Any intentional input, amendment, removal or violation of computer data that influences the result of its processing and can cause loss of any kind is classified as computer fraud. [7]
Computer Forgery – Any intentional input, amendment, removal or violation of computer data that it would constitute the offence of forgery if it had been committed with respect to a traditional object of such an offence. [4]
Damage to Computer Data or Computer Programs mean deleting, damaging, infection or suppression of computer data or computer programs without right. [4]
Computer Sabotage means any manipulation to data with intention to hinder the functioning of a computer or a telecommunications system. [4]
Unauthorized Access is the access without right to a computer system or network by avoiding the security measures. [4]
Child Pornography involves producing, distribution, offering and making child pornography for the purpose of its distribution through a computer system for oneself or another person. [7]
Case study
R v Daniel Cuthbert, Horseferry Road, Magistrates Court, 07/10/2005, Computer Misuse Act 1990, s 1 Unauthorised access. IT security contractor Daniel Cuthbert, donates £30 to charity website, then decides to check it security. Mr. D. Cuthbert found guilty of unauthorized access, convicted and fined £400. [8]
If Mr. Cuthbert is to be believed that he just wanted to test the security without any back thoughts and free of charge theoretically he has not done anything bad, however from the law point of view this is wrong. Personal data or information cannot be accessed without authorization. This is good example that demonstrates that although the law and the ethics are based on the same principles they are applied differently in most of the time and also if something is good that does not make it right. This example illustrates very well the arguments and counterarguments between hackers, crackers and ethical hackers that I wrote about in page two.
Is it ethical to use entrapment as a means of detecting and capturing a Hacker?
In my personal opinion, based on my ethical and moral principles and on my social background there is nothing wrong to use honey pods or any other software and hardware for capturing hackers and cracker. The reasons I agree with the entrapment methods are simple. The first and most important one is that: to use entrapments of any type is legal according to the law in UK. Also this is opportunity for the police to prevent future accidents made by crackers and hackers, because if they fail to capture and identify hacker who is trying to steal some information from company or organization that can have big impact for the institution and bring big losses to it. This method is the ‘electronic version’ of double agent whose job is to identify and capture criminals in the moment when they are taking action to do something illegal. Last but not least as I discussed in page two, no one has the right to access and manipulate private information if it is not authorized to do so.
Conclusion
We often use the term “professional ethics” but what does that actually means? It means a list of laws, rules, and regulations that professionals are supposed to follow all the time in their careers. These rules, regulations and laws might be acceptable by many people, but that does not makes them objective moral standards that every professional should accept. In my opinion every profession has its own moral standards that are unique to it. There is no universal ethics and moral that everyone in the world is going to follow simply because of the number of cultures, religious and laws around the world, even two brothers that grow up together will have different view for moral and ethics, therefore the ethical hackers must always have very good understanding and working according to the law in the country that he/she is operating.
Cite This Work
To export a reference to this article please select a referencing stye below:
Related Services
View allDMCA / Removal Request
If you are the original writer of this essay and no longer wish to have your work published on UKEssays.com then please: