Cyber Weaponry pp 113-124

“Who Was That Masked Man?”: System Penetrations—Friend or Foe?

Chapter
Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)

Abstract

This chapter explores a range of hacking techniques that can be used for either malicious or good purposes. It focuses on the role of the penetration tester, also known as a white hat hacker or an ethical hacker. The discussion highlights the need to employ ethical hackers to expose system vulnerabilities so that they can be addressed before they are exploited by criminals or other threat actors. Because the techniques and methods used by ethical hackers are largely the same as those used by malicious hackers, there are some risks that need to be considered. Moreover, there is a need to improve the standard of professionalism amongst ethical hackers through certification, education and validation. Professionals in this area of IT assist organizations to mitigate cyber threats, not only by testing systems, but also by reviewing policies, procedures and controls. Ethical hackers are thus an integral component of a mature security program.

Keywords

Penetration testing; Ethical hacking; White hat hacking; Hackers

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. Corrs Chambers Westgarth, Melbourne, Australia
  2. SQL Down Under, Blackburn North, Australia
  3. Charles Sturt University, Bathurst, Australia