#BeAnAwesome: Ethical Hacker

Nasarudin bin Daud
Senior Lecturer at Infrastructure University Kuala Lumpur (IUKL)
Save 

Students who want to work as ethical hackers need to have ethical values, as most IT companies that offer network protection and computer security services prefer to contract people with a clean record.

What Will I Do?

Hackers range from young people still in school to the sinister syndicates aiming to infiltrate private or public computer systems to obtain information to use to their own advantage.

Hackers who use their hacking skills for good are referred to as 'ethical hackers' or 'white hat' hackers. They are computer security experts who specialise in penetration testing and other testing methodologies to ensure that a company's information systems are secure. These non-criminal hackers are hired by companies to examine and test the integrity of their systems.

The threat of global terrorism and other online criminal activity promote an ever-increasing need for secure software systems. Ethical hacking provides the means to test computer software security.

However, even in the face of this threat, software development projects and organisations tend to place system security far down their lists of priorities. 

The job scope of an ethical hacker will cover the following tests:

  • Assessment
  • Penetration testing
  • Vulnerability enumeration 
  • Vulnerability exploitation. 

Permission To Hack

A typical job request for a system hack specifies the types of tests that will take place. The specified tests must each be granted specific consent to perform the activity. At this time, the potential consequences should be made known to the client and incorporated into the contract.

As the basic nature of hacking may result in adverse effects to the system, testing should ideally be scheduled to take place outside the organisation's working hours.
Testing may be broadly defined. These can range from technical tests like port scanning or using a data packet sniffer to obtaining passwords by simply asking staff. 

Is It For Me?

The following are some questions that you should ask yourself before you embarking on a career in hacking:

  • Do I love security and cryptography subjects?
  • Do I like hacking?
  • Do I like computer forensics?

What Are The Common Misconceptions That People Have About The Job?

One common misconception is that people tend to lump together white hat hackers with 'black hat' (criminal) hackers, and look down on white hat hackers as if they have done something wrong.

What Is The Most Exciting Part Of The Job?

To be able to discover any wormholes or loopholes in the network of the company and at the same time be able to block penetration by criminal hackers through the loopholes.

Qualifications

Academic qualifications can be any degree or diploma in networking, computer security or any related computing courses. Short certification courses on hacking, such as Certified Ethical Hackers, are also available. 

Some non-academic requirements student should possess are

  1. Programming skills
  2. Deep knowledge of hardware and software
  3. Operating system skills
  4. Knowledge of software functionality 
  5. Social engineering skills.

A solid knowledge of how networks and technology work is essential in order to better combat cyber attackers inside and outside the company. Students can build this foundation in two ways: through actual cracking and intrusive testing of network security or the practical application of security practices, and by getting certifications and experience.

Who Will Employ Me?

Big IT companies, and organisations that rely on IT, for example banks, data-related companies, web-based companies and so on.

How Much Will I Earn?

Salaries for ethical hackers (and other related IT jobs) is dependent on qualifications and experience. Monthly salaries range from RM2,000 for fresh/entry level positions to RM9,000 for senior executives.