An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.
One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems. According to Ed Skoudis, Vice President of Security Strategy for Predictive Systems' Global Integrity consulting practice, ethical hacking has continued to grow in an otherwise lackluster IT industry, and is becoming increasingly common outside the government and technology sectors where it began. Many large companies, such as IBM, maintain employee teams of ethical hackers.
In a similar but distinct category, a hacktivist is more of a vigilante: detecting, sometimes reporting (and sometimes exploiting) security vulnerabilities as a form of social activism.
And now what is ethical hacking?
Ethical hacking, often performed by white hats or skilled computer experts, is the use of programming skills to determine vulnerabilities in computer systems. While the non-ethical hacker or black hat exploits these vulnerabilities for mischief, personal gain or other reasons, the ethical hacker evaluates them, points them out, and may suggest changes to systems that make them less likely to be penetrated by black hats. White hats can work in a variety of ways. Many companies utilize ethical hacking services from consultants or full-time employees to keep their systems and information as secure as possible.
The work of ethical hacking is still considered hacking because it uses knowledge of computer systems in an attempt to in some way penetrate them or crash them. This work is ethical because it is performed to increase the safety of the computer systems. It’s reasoned that if a white hat can somehow break the security protocols of a system, so can a black hat. Thus, the goal of ethical hacking is to determine how to break in or create mischief with the present programs running, but only at the request of the company that owns the system and specifically to prevent others from attacking it.
People enter the field of ethical hacking in a variety of ways. Many people are very computer savvy and many, but not all, have an educational background in computer science. In some instances, the white hat has gained his or her experience by first being a black hat.
If black hat hacking was at a sufficiently criminal level, the black hat turned white hat may have served jail time before resuming a career in a more productive and positive way as an ethical hacker. The computer world is peopled with former black hats, who now hold ethical hacking jobs. Conversely, some white hats, such as Steve Wozniak, never committed any illegal acts, but simply possess the know-how and skills to analyze problems with any computer system.
With increasing use of the Internet and concerns about its security, especially when it comes to things like consumer information or private medical details, there is considerable need for computer experts to work in ethical hacking. Even sites owned by organizations like the US government have been hacked in the past, and concern about information theft remains incredibly high. Designing impenetrable systems or identifying the current weaknesses of a system are vital parts of keeping the Internet safe and information private, and even with the present legion of ethical hackers that perform this work, there is still more work to do.
The above article posted by Mr. Sachin Chauhan Ics