Hacking and Hackers are terms that generally tend to build a negative impression in people's minds. Each time one hears either of these terms, the first thing that immediately comes to mind is the image of a computer criminal sitting in one corner of a dark room and committing a crime. In reality, that is not true at all! Most people straightway start associating the term Hackers with computer criminals or people who cause harm to systems, release viruses and so on. And I do not blame them for holding such a negative opinion. Unfortunately, one tends to blindly accept what is being fed to them by popular media. And nowadays the media has been wrongly and outrageously referring to computer criminals as Hackers. They fail to recognize the fact that computer criminals and hackers are two totally distinct terms and are not associated with each other whatsoever. People have wrong notions and for reasons not justified at all, they have a negative opinion and utter dislike for Hackers and persons associated with Hacking.
Recently, I started India's first computer security training and certification program to train the next generation of computer security experts. On more occasions than not, when people hear about the program I receive a nod of disgust and disapproval-probably because most people don't know what the course is all about and think that I am probably training people to be criminals! People fail to notice that the description of Hackers provided by popular media is nowhere close to the actual description of hackers. In reality, computer security has two types of people-hackers and crackers.
Hackers are actually good, pleasant and extremely intelligent people, who by using their knowledge in a constructive manner help organizations to secure documents and company secrets, help the government to protect national documents of strategic importance and even sometimes help justice to meet its ends by ferreting out electronic evidence. Rather, these are the people who help to keep computer criminals on the run. On the other hand, crackers are the real bad guys or the criminals who indulge in cyber crime, deface websites, release viruses, steal credit card numbers and create havoc on the Internet.
Traditionally and historically, humans have been utilizing harmful objects to protect themselves when the need arises. The invention of the nuclear technology or weapons as simple as knives immediately comes to mind. Training people hacking is something like in the medicine field-each time a new virus is discovered, weaker forms of the same virus are injected into the human body in order to provide immunity to the body against it. All of us already know that vaccines have helped us save millions of lives. But what strikes me most about vaccines is how they actually work. Vaccination is like fighting evil with evil for positive gains.
The biggest problem that NASA and its team of engineers face in their space missions is that of disposing human wastes and providing and storing pure drinking water for the crew aboard. A young biologist suggested, 'Human wastes be converted into pure drinking water by passing it through advanced chemical processes.' At first, his colleagues had been dismissive of this rather strange idea. However, later after some detailed and animated discussions, they concluded that using the negative non-useful elements to get something good and useful was their best bet. Similarly in the field of computer security, it is very important for take help from the crackers (computer criminals), educate the Internet users and secure the Internet.
When I first presented the idea of starting a training course on computer security to a few Indian government officials and expressed my support towards training hackers, the reaction that I received was one of profound disbelief and resentment. Their response argued that teaching people how to hack would only increase the incidence of computer crimes and bluntly stated that instead, more laws against hacking (well, actually cracking) should be introduced. However, in my opinion, all the laws in the world can not and will not discourage computer criminals. Crackers are getting real smart these days and it is becoming increasingly easier for them to break into a system (using freely downloadable automatic tools), create havoc and escape without leaving any traces behind. Laws are absolutely useless when system administrators themselves are becoming ignorant of computer security and are dismissing all hackers as people belonging to the dark side of society. It has become absolutely necessary to teach people how crackers work, how cracking is executed and how to protect computer systems from crackers. If this is not done soon, then the crackers will remain ahead in the security race. And we really don't want this to happen, do we?
If everybody who uses the Internet understood its risks, if everybody who uses the Internet understood how the computer criminals work, if everybody who uses the Internet understood the tools and techniques already known to the bad guys, then the Internet would be a much safer place to be in. Wouldn't Internet users be able to better protect their data and systems if they were more aware of how computer criminals work? If we are able to learn and understand how someone can break into our system, then wouldn't we fix the loopholes even before the cracker strikes? All I want to say is that instead of being resentful and afraid of fire, it would be much better if we learn to live with fire. Let us fight fire with fire itself! We manufacture knives every single day. A knife in the hands of a murderer can take lives, but the same knife in the hands of a surgeon can save lives! So just because there is a risk of a knife being misused by murderers, that does not mean that we should stop manufacturing knives.
Happy Hacking!
Ethically Yours,
Ankit Fadia
PS: Even I am a guilty of using the forces of popular media, the title of my course is testimonial to that fact-Ankit Fadia Certified ETHICAL Hacker course. If you can't beat them, simply join them!
(Ankit Fadia is author of internationally bestselling books on computer security. He offers computer security certification courses and even provides consulting solutions to Fortune 500 companies and government agencies.)
0 comments / Reply here:
Post a Comment