Monday, 22 april 2019 | Redacción CEU
Defining ethical boundaries is not always an easy task. In some cases the limits are very clear, while in others they are somewhat blurry. Reality cannot be described in black and white, there is also a wide range of grays. In this chromatic range, hackers are like fish in water. They are people with high computer skills who are willing to challenge conventional rules, and sometimes, the law as well. Their goal is to reach what no one else can do through their expertise and digital skills. They are also specialists in detecting vulnerabilities and get the most out of them, but this last definition does not describe all hackers.
Cyber-attacks are not only a problem of technological corporations. Security is a dimension on which any company must work, even more so in the so-called digital era. This need is supported by studies such as the one carried out by Kapersky Lab. According to this survey, which tries to deepen into the situation of cybersecurity in European organizations, 64% of Spanish companies have faced at least one cyber-attack in the last two years. Another shocking fact that this analysis reveals is that 22% of the professionals who are responsible for security claim that these attackers left no trace of their identity.
The National Intelligence Center detected 38,000 incidents of cybersecurity in 2018. This figure represents a growth of 43% in relation to the previous year. Most of these attacks were neutralized, and 102 of them were considered as critical ones. Another study, the Norton Cyber Security Insights Report 2018, maintains that 33% of Spaniards have been victims of cyber-attacks. In fact, it defends that behind USA and the United Kingdom, Spain is the country that receives the most attacks. All these data suggest that security is becoming an issue that requires more and more attention, and companies need to find solutions that live up to the magnitude of this challenge.
What is ethical hacking?
The digitalization of the economy, connectivity and the phenomenon of Big Data are trends that make profiles specialized in cybersecurity play an increasingly important role within the companies. Ensuring the safety of organizations means counting on experts such as CISOs, CSOs, DPOs, security analysts or intelligence officers. In fact, all these professions appear in the ranking of the most demanded profiles of the year 2018.
Most companies have online presence, systems which are hosted in the clouds or store digital information of their customers. An incident in security may expose companies to very high risks: economic losses, reputational damage, identity theft, disclosure of sensitive information, leak or abuse of data, etc. In such a context, organizations, especially the largest ones, but not for that reason the only ones to be vulnerable, are starting to hire a new professional profile: ethical hackers.
Their work consists of detecting the vulnerabilities and security breaches of organizations, always with the consent of the companies and by keeping the goal of preventing attacks and improving the protection of networks and systems infrastructures. Their mission is based on the premise that the best way to prevent an attack is by testing the security of the organization. They try to simulate the external attacks that the malicious pirates (also called "black hat" hackers) may perform, but in a controlled manner and with the sound intention of being able to identify, notify and solve the potential problems.