fbpx
Hacking Fact vs. Fiction: Ethical Hacking 101

Hacking Fact vs. Fiction: Ethical Hacking 101

We’ve all seen it. The rapidly flashing screens. The confusing jumble of nonsensical numbers and symbols. Or, the lame PS1-esque graphics that Hollywood seems to think makes a mega hacker. Movie hacking is corny, goofy, and a convenient plot device when you want something to seem futuristic.

However, cyber crime is anything but humorous with $600 billion from the world economy lost last year alone from cyber attacks. Sometimes, the best way to fight a bad hacker is with a good one. So, what is hacking really? And, if you want to join the fight against hackers, what’s the best way to do so? Read on to find out!

What Hacking is Not

Before we establish what hacking is, it’s important to establish what it isn’t. The answer is, well, basically anything you’ve ever seen on TV. It’s not Newman telling Samuel L. Jackson he didn’t say the magic word and infecting all the computers as in Jurassic Park.

It’s not a man in a black light gyroscope twirling around while his green body dissolves into a swirling nightmare vortex as he says, “I’m in,” as in Lawnmower Man.

And, perhaps most importantly of all, it’s not trying to stop a real-time hacker with the most effective method of all. JUMPING ON THE SAME KEYBOARD TO DOUBLE YOUR ANTI-HACKING SPEED. (As seen in 2 idiots, one keyboard from NCIS fame.)

via GIPHY

Yeah, pretty much any scene in this supercut of amazing hokey Hollywood hacker badness is wrong. (And yet, so good!)

Hacking is just not that exciting. While we’d all love it if hacking involved flashing screens and fast-talking computer hackers breaking through encryption shields before uploading nano-viruses, that’s not how things work.

This all bring us to another question which is, why do we see hacking portrayed again and again in these increasingly silly ways? Well . . .

Why Does Hacking Look So Stupid in Movies?

It can be easy to think that Hollywood writers and executives are doofuses who don’t know the first thing about a keyboard, let alone hacking, but that’s not always true and things are changing as the public understands tech more.

For example, the tech-savvy show Mr. Robot actually employs a team to ensure that all of the tech stuff rings true. As for other shows, well, take a look at this video of someone doing a live hacker challenge and see if you can spot where this might not translate into film.

Turns out real hacking looks a lot like staring at a text editor for a long time, testing vulnerabilities, finding a way into the system, and then building yourself a backdoor so you can get back in. Text editors are notoriously nonsexy and nonexciting. You see the problem.

However, one of the biggest reasons that tech looks so silly is, well, everyone is trolling you as shown in this article from Gizmodo.

If you see something too dumb to believe, it’s probably a joke. Or at least a setup; the punchline of which is when you lean over to your date and exasperatedly explain that there’s no way that could happen since no CTO worth his salt would ever let that kind of information be remotely accessible instead of just relegating it to an isolated intranet, and besides that’s not actually what VPNs do.

-Gizmodo, “Why Hollywood Hacking Is So Hilariously Horrible”

With all this in mind, let’s dive into the truth behind the Hollywood glitz.

What is Hacking Really?

The word hacking has kind of become a catch-all for cyber attacks and cyber terror in general. Technopedia defines hacking as, “an unauthorized intrusion into a computer or a network.” Hackers may use the system or security features to accomplish a goal that differs from the system’s original purpose.

It specifically includes the following techniques under the umbrella of hacking:

  • Vulnerability scanning (checking computers on networks for known weaknesses)
  • Password cracking
  • Packet sniffing (apps that capture data packets in order to view data and passwords in transit over networks)
  • Spoofing attack (websites which falsify data by mimicking legitimate sites, and they are therefore treated as trusted sites)
  • Rootkit (programs which work to subvert control of an OS from legitimate operators)
  • Trojan horses
  • Viruses
  • Keyloggers (tools designed to record every keystroke on the affected machine for later retrieval)

However, there are a number of different ways that people who identify as hackers try to exploit networks and systems for their own gain. A Distributed Denial of Service (DDoS) attacks makes an online service unavailable by overwhelming with traffic with the sole purpose of shutting down a website.

Little known fact, one-handed standing laptop hacking is the most effective method.

Meanwhile, social engineering involves simply pretending to be someone you’re not to gain access into a system, as happened with the person who almost destroyed Wired writer Mat Honan’s life after one well-placed call to Apple support.

And not all hackers are created equal. While the word may conjure up images of a ski-masked man in a hoodie in a darkened room hunched over his laptop, ethical or “white hat,” hackers make up an important part of keeping networks safe.

Black Hat, Gray Hat, & White Hat/Ethical Hacking

Hackers are divided into three groups: White Hat, Grey Hat, and Black Hat. Named for the different colors of hats worn by characters in Westerns, Black, Gray, and White basically boils down to bad, questionable, and good, but the truth is a little more nuanced than that.

White Hack hackers are hired by companies to help identify security bugs in their systems. To catch a hacker you have to think like a hacker. They play an important part in security.

One of the strongest weapons in the fight against cyber criminals has been hackers themselves. Professionals with a deep understanding of how to penetrate the security of an online infrastructure are commonly deployed to find vulnerabilities that those on the other side of the moral hacking spectrum would seek to exploit.

-ITPro, “What is ethical hacking? White hat hackers explained”

Black Hat Hackers have a clear malicious intent. Whether it’s to extort money, crash a system, or just cause general chaos in a person’s life, they do what they do for personal gain in a way that harms others.

Gray Hat hackers, on the other hand, may, “violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers.” Basically, while they’re not always above board, they do operate with businesses. (Although there is a debate on whether or not gray hat hackers should be allowed to discover security flaws.)

However, for those looking to make money fighting on the side of truth, justice, and the American way, ethical hacking represents a great way to make money doing work that’s sorely needed.

Ethical Hacking, The Real Story

What do ethical hackers look like? Look no further than this Lifehacker article about real-life white hat hacker Ben Miller. He talks about his career, what he does, and how he got there.

Many career paths that lead to white hat hacking are unconventional. Again, there is controversy in the industry about hiring black hat hackers turned white hat, but, even for those who start firmly on the ethical hacking path, it can be twisted.

In the case of Ben Miller, he got a degree in computer systems and networking . . . right before the dotcom bubble burst. Ouch. After a few rough years, he was hired as a networking administrator for a hospital and focused on strengthening systems while making sure they were HIPPA compliant.

His company offered a Certified Ethical Hacking course. He took it, loved it, and was hired one year later in ethical hacking by his instructor. Now Miller works trying to think like a hacker while stopping them dead in their tracks.

His recommendations for up and coming ethical hackers? Always be listening and reading, communicate with your client, getting certifications can help prove your abilities, and always document what you’re doing.

Want a Career as an Ethical Hacker?

If you’re interested in helping companies protect their data and stopping hackers dead in their tracks, certified ethical hacking might be for you! At LeaderQuest, we offer a 5-day Certified Ethical Hacker (CEH) course to help you get trained, certified, and hired. Through our career services team, and personal job coaching with your very own Employment Development Manager (EDM), you’ll also get help with your resume, interview tips, and access to employers in the industry.

With room for growth and a zero percent unemployment rate in cyber security, it’s clear that a certification like this will make you highly employable for a long time to come. To make training easy for you we offer classes during the day, at night, online, or on campus to fit any learning style or schedule. When it comes time to take the test, we not only cover the cost of one certification attempt per course but also have approved testing facilities on campus.

If you want to join a career fighting for the good guys, don’t wait. Though sadly, this job will not involve two people typing on one keyboard. (Sorry NCIS.) Become an ethical hacker today!

Start a Career in Ethical Hacking!