What is an Ethical Hacker?

Hackers have a bad reputation. They penetrate security systems, steal data and cause financial damage. But is that true? We explain why some hackers are better than your reputation and how ethical hackers can help your business protect itself from attacks.

From Free Phone Calls to the first Home Computer

The term hacker comes from the 1960s and was first coined by an American amateur radio operator who called himself Captain Crunch. In a report, tripwire describes the development: he manipulated telephones with a toy whistle so that he could make free long-distance calls. Hacking, then, initially refers to an attempt to overcome an obstacle with the use of technology. Captain Crunch inspired a whole generation of young computer enthusiasts. Some of them founded the Homebrew Computer Club and invented the world's first personal computer. Among them were on Steve Jobs and Steve Wozniak - the founders of Apple.

Good Hackers, Bad Hackers White-Hat, Grey-Hat and Black-Hat

This definition of the hacker differs from the widespread public image of the hacker. The image of the hacker who is primarily bent on destruction was formed primarily in the 1980s. In the early years of the Internet, the technology was surrounded by a great fascination that movie studios around the world took advantage of. This is where the image of the overweight teenager squatting in his nursery all night long and gaining access to government computers came into being. But even in the 1980s and 1990s, this had little to do with reality.

Instead, the distinction between white-hat, black-hat and grey-hat hackers became established early on. While black-hat hackers gain access to systems in order to extract personal benefit or to harm the target, white-hat hackers use their skills for the benefit of the general public or individual institutions and companies. In the 1990s, an American hacker group also coined the term grey-hat hackers to distinguish their activities from the other players.

Ethical Hacking: from Hobby to Market

As the Internet spread to all sectors of society, so did the need for effective security measures. Government institutions were quick to rely on formerly delinquent hackers to improve their security systems. Ethical hacking was born. Ethical hackers were able to draw attention to themselves early on with spectacular actions - such as the GSM hack in 2002. Today, an entire market has emerged that specializes in auditing IT infrastructure.

Procedure from Ethical Hacker

An ethical hacker breaks into a system with the owner's permission. Companies use ethical hackers to find vulnerabilities in applications, servers and databases. He gains access before someone else does and protects the target from damage.

What an Ethical Hacker does

The first step is for the Ethical Hacker to explore the target and gather as much information about the target system as possible. What assets are there? What potential attack vectors exist? He then uses this information to gain access to the target system. His approach is no different from a hacker who has malicious intent - and that is what makes him strong. The ethical hacker shares knowledge of tools and technologies with the black-hat hacker and can thus counter him on the same playing field. Once the intrusion is successful, the hacker documents the results. The report then provides the company with a systematic guide to address any vulnerabilities found and improve IT security.

How an Ethical Hacker helps Businesses

Even though hackers have a bad reputation - companies can benefit massively from ethical hackers. If the hackers find security holes, you protect not only sensitive information about the company in the long run, but also the data of your customers. For example, the N26 Bank from Berlin offers a bug bounty program to detect security holes that are not found in penetration tests. Regular use of an ethical hacker also raises awareness among other employees. Only if people with access rights handle their privileges accordingly is the system protected.