Table
of Contents
Ch. No. Title
1. What
is cyber security?
1.1Why do we need cyber security?
1.2Cyber
Law India.
2. Internet
Threats
2.1
E-mail Threats.
2.2 Website Threats.
2.3 Network Threats.
2.4
Phone Threats
2.5 Debit
and credit card threats.
2.6 Trojans, spywares and viruses.
2.7
Wi-Fi Security.
3. Some
common methods used in attacks.
3.1
Phishing.
3.2
Password Cracking.
4. Security
on Internet.
5. Career
in Cyber Security.
What is Cyber Security?
Cyber security is information security as applied to
computers and networks. The field
covers all the processes and mechanisms by which computer-based equipment,
information and services are protected from unintended or unauthorized access,
change or destruction. Computer security also includes protection from
unplanned events and natural disasters.
There
are many numbers of reasons. The cyber community changes in an unbelievable
pace. The nature of the Internet as a tool for communication and education has
been used and misused for personal gain, which resulted in cyber-attacks and
unprecedented rise in cyber-crime rates. These rates are expected to increase
more rapidly in the coming years if cyber security is not put in place.
1-Hackers are
everywhere, they find loopholes and vulnerabilities in our system and thus they
can read or manipulate our private data or confidential information. Moreover,
they can create backdoors so that they could access our system whenever they
want.
2- Internet
scams and frauds are rampant. These include phishing, a very organized cyber-crime,
which deceives people into giving their banking details.
3- Viruses, worms and malwares are very harmful for our
computers and systems. They can slow down our systems and even damage it.
Malwares could send our logs to other person (hacker).
4- Spyware,
as the name hints, can spy on you. A computer program automatically installed
on your computer, spyware tracks personal information you entered and sends it
to its creator.
Cyber Law India: With
anonymously growing of internet, it has become necessary to make a body that
has controls over the internet. Because one can miss use it and can commit
crimes. India also has a cyber-law. It
covers these areas:-
1.
The basic of Internet Security.
2.
Basic information on Indian Cyber Law.
3.
Impact of technology aided crime.
4.
Indian IT act on covering the legal aspect of all
online activities.
5.
Types of Internet policies required for an
organization.
6.
Minimum Hardware and software, security measures
required for an organization to protect data.
Internet Threats:-
E-Mail Threatsà
Electronic mail (email) is a widely used communication
mechanism that can be categorized into two basic types of web-based service: an
open web-based email service and a closed web-based service. The first category
provides web-based email accounts to anyone for free or at a fee. The second
category provides email accounts that are managed by organizations for
employees, students, and members only. Commercial and social websites rely on
the security of email accounts. Large amounts of email exchanges are occurring
daily, some of which contain personal information, company secrets, and
sensitive information. This makes email accounts very valuable and becomes one
of the main causes of email hacking.
Email spamà
As rules that govern unsolicited emails tighten, spammers
attempt to find new ways around them. Attackers often send massive email
broadcasts with a hidden or misleading incoming IP address and email address.
Some users may open the spam, read it, and possibly be tempted by whatever
wares or schemes are offered. If the spammer were to get a hold of a company’s
sending email and IP address, the impact on the company's business would be
devastating. The company’s Internet connection would be terminated by its
Internet Service Provider (ISP) if its email and IP address are added to the
black list of known spamming addresses. Effectively, this
would shut down the company’s online business because none of
the emails would reach their destination.
Virusà
Some emails incorporate a virus as a means of transportation.
The Sobig virus is an example of such technology, creating a spamming
infrastructure by taking over unwilling participants’ PC. This was a major threat to email security as
spam will continue to spread and trigger dangerous viruses for malicious
intent.
This type of attack uses email messages from legitimate businesses
that the user may be associated with. Although the messages look authentic with
all the corporate logos and similar format as the official emails, they ask for
verification of personal information such as the account number, password, and
date of birth. 20% of unsuspecting victims respond to them, which may result in
stolen accounts, financial loss, and even worse, identity theft.
Email Privacy
To maintain privacy of your Email and to Protect our Email ID from being
hacked
we must follow some basic steps as follows,
1. Enable two step verification in your Email accounts.
2. Enable Login-notification for your email and get notification in your
mobile whenever you login.
3. Set a strong password with a mix of alphabets, numbers and special
characters.
4. Enable login- notification for you Facebook accounts to prevent
unauthorized
access.
5. Enable HTTPS in your email settings and your Facebook account
settings.
6. Never share your password with anyone. Even to your closest person.
7. Setup a recovery question which is difficult to answer and never
setup an easy &
guessable answer to your security question.
8. Never click on any links sent through mail or chat. It may be a link
which can steal
your cookie or inject any viruses.
9. Always check your address bar for proper website address before
logging in.
10. Whenever you Need to Forward an Email to More than One Person use
the BCC
Option to Write Addresses.
11. If you are Unable to Access Your Email Account Immediately Report it
to the Service
Provider. They Give You a Option of Forgot Password/Account Hacked etc.
12. Avoid Using FREE WIFI Access At Public Places.
Website Threats:-
Website is set of
related webpages hosted by a webserver, accessible via a network such as the Internet
or a private local area network through an Internet address known as a Uniform
resource locator. All publicly accessible websites collectively constitute the
World Wide Web. A website is scripted or written in languages like HTML, PHP,
.net, XHTML, CSS, java script, J query etc.
Most used webservers
are:-
Apache
IIS
Google
NGINX
Authentication Process of websites:
Most of the websites
today requires the user to sign up for their services. And then we have to
sign-in each time when we need the service. Some common examples are Facebook,
Gmail, twitter, forums, shopping websites, internet banking, online storage,
etc. Each website gets the username and password from the user and sends it to
the server, where it is verified by comparing it with the details in its
database and then the user is allowed to use the specific service offered by
the website. All these things happen in few seconds over the internet.
Attacks on Websites & Web Applications
There are several
Attacks performed on websites and web-based applications every minute, and most
of the attacks are due to improper coding and poor programming skills.
Some of the common attacks performed on website /
web-applications are as follows
1. SQL Injection
2. XSS
3. RFI & LFI
Attacks
SQL Injection Attacks- An SQL
injection is probably the most abundant programming flaw that exists on the
internet at present. It is the vulnerability through which an unauthorized
person can access various critical and private data. The SQL injection is not a
flaw in the web or DB server, but is a result of the poor and inexperienced
programming practices. And it is one of the deadliest as well as easiest
attacks to execute from a remote location.
Let's see an example,
where the username ‘admin’ with the password ‘i3indya’ can log into the site.
Suppose the SQL query for this is carried out as below:
SELECT USER from
database WHERE username=' admin' AND password='amity'
If the above SELECT
command evaluates true, the user will be given access to the site otherwise
disallowed. Think what we could do if the script is not sanitized.. This opens
a door for the hackers to gain illegal access to the site.
In this example, the
attacker can enter the following user data in the login form:
Username: a or 1=1—
Password: blank
So, this would make our
query as:
SELECT USER from
database WHERE username=' a' or 1=1-- ' AND password=''
Cross Site Scripting Attack ( XSS )
Cross Site Scripting or
XSS is an attack which allows a hacker to insert malicious codes into the
webpage either temporarily or permanently. These codes which are inserted
mostly run on client side ( The end-user or victim ) and some on the server
side ( Affecting all users of that website ).
It is a common
vulnerability found in several web applications , Due to breaches of browser
security, XSS enables attackers to inject client-side script into Web pages
viewed by other users.
There are two types of
XSS,
1. Persistent XSS (
Stored XSS )
2. Non-Persistent XSS (
Reflected XSS )
Stored XSSà
Stored XSS
vulnerability is a more devastating variant of a cross-site scripting flaw, it
occurs when the data provided by the attacker is saved by the server, and then
permanently displayed on "normal" pages returned to other users who
normally visit that page. A classic example of this is with online message
boards where users are allowed to post HTML formatted messages for other users
to read. This is a severe threat to the users of that website.
Reflected XSSà
Reflected XSS
vulnerability is the most common type of XSS. These vulnerabilities show up
when the data provided by a web client, most commonly in HTTP query parameters
or in HTML form submissions, is used immediately by server-side scripts to
parse and display a page of results for and to that user, without properly
sanitizing the request.
It is most commonly
found in the search box of several websites which doesn’t sanitize the input
given by the users. Which means it accepts special characters and other
variables and allow script to be run using the search box or other holes.
RFI & LFI Attacks
Remote File Inclusion ( RFI )
Remote File Inclusion
(RFI) is a type of vulnerability of website which allows an attacker to include
a remote file, usually through a script on the web server. The vulnerability
occurs due to the use of user-supplied input without proper validation. This
can be used just to display contents of a file and can also be used for the
following attacks-
A. Code execution on the web server
B. Code execution on the client-side such as
JavaScript which can lead to other attacks such as cross site scripting (XSS).
C. Denial of Service (DoS)
D. Data Theft/Manipulation
Local File Inclusion ( LFI )
Local File Inclusion (
LFI ) is a vulnerability where the local files of the webserver can be accessed
by anybody by using their website in a browser. The attacker can traverse the
entire directory of the webserver therefore allowing access to sensitive data
and password files.
The LFI can be
exploited by using “../” to traverse one directory up in a webserver. Therefore
if multiple “../” is used then the attacker can access the root directory of
the webserver and view sensitive files such as the passwords. Usually in Unix
servers the folder containing the passwords is in “etc/passwords” file.Suppose
if a site is vulnerable to LFI , then the example below will display the
contents of the password file of a Unix server.
This is the RFI &
LFI Attacks these can be prevented by restricting the access to folders and by
sanitizing the user inputs.
Countermeasures:-
1- Secure Programming
is needed for programmers to prevent website and website users from being
attacked
2-Users must be careful not to click on any
unwanted links in websites.
3-Never use same password for different
websites, even if one is compromised, you are safe.
4-Inputs must be sanitized in the web
applications and web forms.
Network Attacks:-
A computer network or
data network is a telecommunications network that allows computers to exchange
data. In computer networks, networked computing devices (network nodes) pass
data to each other along data connections. The connections (network links)
between nodes are established using either cable media or wireless media. The
best-known computer network is the Internet.
Footprinting
Footprinting is the act
of gathering information about a computer system and the companies it belongs
to. Footprinting is the first step hackers take in their hacking process.
Footprinting is important because to hack a system the hacker must first know everything
there is to know about it.First, a hacker would start gathering information on
the targets website. Things a hacker would look for are e-mails and names. This
information could come in handy if the hacker was planning to attempt a social
engineering attack against the company.
Port Scanning
The point of port
scanning a server is to detect its open ports the port’s listening services.
Once a hacker knows all the services running on your server, he could search
for possible vulnerabilities they may have and exploit them to take control of
our website. Along with finding out what ports are running,
the hacker needs to also find out what operating system the server is running.
There are always a lot of operating system vulnerabilities out there to choose
from. So by knowing the operating system, the hacker’s chances of taking over
the server go up.
Denial-of-Service (DoS) – There are many types of DoS attacks, but they
all have one purpose: to make the target server unavailable for legitimate
users. The most common type of DoS attack is when the hacker sends a flood of
information to the target server causing it to use up all of its resources, and
in return pushing it offline, or causing it to deny requests from legitimate
users trying to access it.
Buffer Overflow (BoF) – A buffer overflow happens when a program
attempts to store more data into a buffer, or a data storage area, then it was
meant to hold. Because the buffer was only meant to hold a certain amount of
data, the extra information overflows into other buffers causing them to be
overwritten with malicious code created by the hacker. Once this code is
executed, the hacker can receive full control of the server.
ARP spoofing- It is a
technique whereby an attacker sends fake (“spoofed”) Address Resolution
Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to
associate the attacker’s MAC address with the IP address of another host (such
as the default gateway), causing any traffic meant for that IP address to be
sent to the attacker instead.
ARP spoofing may allow
an attacker to intercept data frames on a LAN, modify the traffic, or stop the
traffic altogether. Often the attack is used as an opening for other attacks,
such as denial of service, man in the middle, or session hijacking
attacks.The attack can only be used on networks that make use of the Address
Resolution Protocol (ARP), and is limited to local network segments.
There are a few things
we can do to stay secure from network hacking attempts-
1. Keep all your software
up to date. There will always be new vulnerabilities coming out, and your
responsibility is to patch them immediately after a patch comes out.
2. Implement a
firewall. This will keep most of the bad data out and good data in.
3. Install anti-virus software.
4. Scan your system
with a vulnerability scanner. This may reveal possible vulnerabilities in your
system.
Phone Hacking:-
Phone hacking is the
practice of intercepting telephone calls or voicemail messages, often by
accessing the voicemail messages of a mobile phone without the consent of the
phone's owner. All smartphones, as computers, are preferred
targets of attacks. These attacks exploit weaknesses related to smartphones
that can come from means of communication like SMS, MMS, wifi networks, and
GSM.
Malware Apps -Just as malware downloaded from the Internet can crack open
our computer, malware apps can leave our phone exposed. The major app stores
usually try to prevent malware apps from getting spread through their
platforms, but malware apps do get through and can even be distributed through
Web pages as a download. Common sense is a fair barrier against malware. Right
now, the true extent of malware app penetration is unknown and may be
exaggerated.
Phishing-Phishing may be actually more effective on a mobile Internet browser
because the smaller address bar makes it less likely that a user will carefully
check the address before entering information. The best way to protect yourself
from phishing is to enter important addresses – those for sites where you will
be entering private information – from scratch.
GSM encryption Algorithm –Sometimes algos used by GSM services could be
cracked and lead to voicemail hacking. Nohl working with others around the
Internet -- has created a guidebook for cracking the Global System for Mobile
communication's 64-bit A5/1 algorithm, which was adopted in 1988. 3G networks
use 128-bit encryption to protect Relevant Products/Services caller privacy and
the new A5/3 algorithm is being "phased in," GSM Association.
Countermeasures:-
Being skeptical-A user should not believe everything that may be
presented, as some information may be phishing or attempting to distribute a
malicious application. It is therefore advisable to check the reputation of the
application that you want to buy before actually installing it.
Permissions given to applications-The mass distribution of applications is
accompanied by the establishment of different permissions mechanisms for each
operating systems. It is necessary to clarify these permissions mechanisms to
users, as they differ from one system to another, and are not always easy to
understand.
Mobile Antivirus- Many antiviruses for cell phones are available.
E.g. Avast Mobile Security, Quick Heal, Kasper Sky, etc.
Credit Card & Debit Card Hacking:-
Nowadays Internet
banking and credit cards are very common methods of funds transfer and online
shopping. And the most interesting thing is that it is done over SSL. So people
always have a misconception that their accounts cannot be hacked as their
transactions are secured by extra security Layer i.e. SSL but its quite easy to
break the SSL. So its always better to secure your computer and internet
connection rather than depending on payment sites.
The fatal flaw that
enabled the sensitive information to be stolen is possible when an end-user is
not properly educated on an easy to do and well-known SSL exploit – SSL MITM.
The hackers take benefit of that to get access your sensitive data. Hacker runs
a series of utilities to redirect other user’s data through his machine. He
runs a number of other utilities to sniff the data, act as an SSL Certificate
Server and to be the Man-the-Middle. He
send us a fake SSL certificate, thus we actually connect to his machine instead
of bank’s system. In this case, our credentials are being transmitted between
our browser and the hacker’s machine. The hacker is able to grab that traffic,
and, because he gave us the certificate to encrypt the data/credentials, he can
use that same certificate to decrypt our data/credentials.
Phising is also used to
steal credentials.
Countermeasures:-
Educate the end-user on
the Security Alert and how to react to it.
Utilize One Time
Passwords, such as RSA Tokens, to prevent the reuse of sniffed credentials.
When using SSL VPN,
utilize mature products with advanced features, such as Juniper’s Secure
Application Manager or Network Connect functionality.
Trojans, Spywares and Viruses
A Trojan or a Trojan Horse is a is a malicious
application that acts like a legitimate file or helpful program but whose real
purpose is, for example, to grant a hacker unauthorized access to a computer.
Trojans do not attempt to inject themselves into other files like a computer
virus. Trojan horses may steal information, or harm their host computer
systems.
Trojans are mostly
embedded with legitimate software or downloaded from websites by some Ads etc.,
It is a very dangerous form of Malware which can perform advanced operations
like the following,
1.
Use of the
machine as part of a botnet (e.g. to perform automated spamming or to
distribute Denial-of-service attacks)
2.
Electronic
money theft
3.
Data theft
(e.g. retrieving passwords or credit card information)
4.
Installation
of software, including third-party malware
5.
Downloading
or uploading of files on the user's computer
6.
Modification
or deletion of files
7.
Keystroke
logging
8.
Watching
the user's screen
9.
Crashing
the computer
1. Anonymizing internet viewing
Viruses
A computer virus is a
type of malware that, when executed, replicates by inserting copies of itself
(possibly modified) into other computer programs, data files, or the boot
sector of the hard drive; when this replication succeeds, the affected areas
are then said to be "infected".
Your computer may be infected if you
recognize any of these malware symptoms:
·
Slow computer performance
·
Erratic computer behavior
·
Unexplained data loss
·
Frequent computer crashes
Spywares
Spyware is software that
aids in gathering information about a person or organization without their
knowledge and that may send such information to another entity without the
consumer's consent, or that asserts control over a computer without the
consumer's knowledge. Spyware can collect almost any type of data, including
personal information like Internet surfing habits, user logins, and bank or
credit account information. Spyware can also interfere with user control of a
computer by installing additional software or redirecting Web browsers. Some
spyware can change computer settings, which can result in slow Internet
connection speeds, un-authorized changes in browser settings, or changes to
software settings.
Worms
A computer worm is
a standalone malware computer
program that replicates itself in
order to spread to other computers. Often, it uses a computer
network to spread itself, relying on
security failures on the target computer to access it. Unlike a computer
virus, it does not need to attach itself
to an existing program. Worms almost always cause at least some harm to
the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a
targeted computer.
Security Against Malwares
1. Install a good
antivirus. Free or Paid is good, but don’t used cracked or pirated versions.
2. Install real-time
anti-spyware protection
3. Update your
Anti-virus programs daily.
4. Perform scans on
your computer daily.
5. Disable autorun to
prevent infection from pendrives.
Wi-Fi Security.
Wireless/Wi-Fi is a
technology which allows devices to connect with each other to exchange data in
a computer network or for connecting to high speed internet. It is also called
WLAN. Wi-Fi devices can connect to each other or to an access point to connect
with each other and to the internet. Wi-Fi devices works are based on IEEE
802.11 standards.
There are three types
of Wi-Fi securities available-
1-
Open Wi-Fi.
2-
WEP.
3-
WPA/WPA2.
WEP Cracking- Wired Equivalent Privacy (WEP) is a security algorithm for IEEE 802.11
wireless networks. WEP, recognizable by the key of 10 or 26 hexadecimal digits,
was at one time widely in use and was often the first security choice presented
to users by router configuration tools. WEP can be easily hacked using
sniffing. Packet sniffing allows individuals to capture data as it is
transmitted over a network. Packet sniffer programs are commonly used by
network professionals to help diagnose network issues and are also used by
malicious users to capture unencrypted data like passwords and usernames in
network traffic. Once this information is captured, the user can then gain
access to the system or network. Tools like Aircrack-ng and Backtrack OS are
capable of hacking any WEP encrypted network easily.
WPA/WPA2- It is an advancement to WEP .
WPA2 also improves the security of Wi-Fi
connections by requiring use of stronger wireless encryption than what WPA
requires. Specifically, WPA2 does not allow use of an algorithm called TKIP
(Temporal Key Integrity Protocol) that has known security holes (limitations)
in the original WPA implementation. Several different forms of WPA2 security
keys exist. WPA2 Pre-Shared Key (PSK) utilizes keys that are 64 hexadecimal
digits long and is the method most commonly used on home networks.
Security Tips:-
1.
Change
Default Administrator Passwords (and Usernames).
2.
Turn on (Compatible) WPA / WEP Encryption.
3.
Change the Default SSID.
4.
Enable MAC Address Filtering.
5.
Disable SSID Broadcast.
6.
Assign Static IP Addresses to Devices.
7.
Enable
Firewalls On Each Computer and the Router
8.
Turn Off
the Network During Extended Periods of Non-Use.
Some Common methods used in attacks
1-
Phishingà
Phishing is the act of attempting to acquire information such as
usernames, passwords, and credit card details (and sometimes, indirectly, money)
by masquerading as a trustworthy entity in an electronic communication.
Communications purporting to be from popular social web sites, auction sites,
banks, online payment processors or IT administrators are commonly used to lure
unsuspecting public.
1. Attacker convinces the victim to click on the link of fake login page
which resembles a genuine login page.
2. Victim enters his credentials in fake login page that goes to
attacker.
3. Victim is then redirected to an error page or genuine website
depending on attacker.
Countermeasures:-
·
Do not reply to emails that request financial information,
even if it appears to be from a trusted source.
·
Do not reply to emails from unrecognized senders.
·
Secure websites are indicated by a lock on the browser's
status bar or the prefix "Https://" instead of Http://. "
·
Information from an email is temporarily stored on a
computer's local disk and can be retrieved by another user if it is not
properly deleted.
·
If your browser has a pop-up blocker, enable it.
·
Do not copy any website addresses from a pop-up window into
your browser.
Password Cracking
Nowadays, passwords are
the only form of security on most websites and computer systems. It has become
one of the most common and easiest ways for a hacker to gain unauthorized
access to your computer or network.
Social
Engineering – Social engineering is when a hacker takes advantage of
trusting human beings to get information from them.
Dictionary Attack- A dictionary attack is when a text file full of
commonly used passwords, or a list of every word from the dictionary is used
against a password database. Strong passwords usually aren’t vulnerable to this
kind of attack.
Brute-force attack- Brute-force attacks can crack any passwords.
Brute-force attacks try every possible combination of letters, numbers, and
special characters until the right password is found. Brute-force attacks can
take a long time. The speed is determined by the speed of the computer running
the cracking program and the complexity of the password.
Rainbow Tables- A Rainbow table is a huge pre-computed list of hash values
for every possible combination of characters. A password hash is a password
that has gone through a mathematical algorithm that transformed it into
something absolutely foreign. A hash is a one way encryption so once a password
is hashed there is no way to get the original string from the hashed string. A
very common hashing algorithm used as security to store passwords in website
databases is MD5.Well when we login and submit our username and password, a
script takes our password and runs it through the md5 algorithm. The outcome
hash is compared to the hash stored in the database. If they are the same, we
are admitted.
If I were to run the
word “cheese” through the md5 algorithm, the outcome would be
fea0f1f6fede90bd0a925b4194deac11.
Countermeasures:-
Ø Use strong passwords upto atleast 10 characters
with combinations of uppercase, lowercase, numbers and symbols. E.g. –
P@5$w0rD_)(*
Ø Never ever use name, pet name, any relative’s
name, phone number, car number in password which could be easily guessed.
Ø Never use any password in more than one account
or IDs.
Ø Never click on any unknown link sent by any
person, it could be phishing or cookie-grabbing.
Ø Never share password with any person.
Security on Internet.
Hacking is another side of Cyber. Some people are very
notorious and net savvy. They love to keep, update themselves and bring
innovative ideas. Hacker is one of them, spending almost all time on internet
and doing illegal activities and spreading it all over the world. Thus
infecting the internet and making people to do like those ultimately increasing
cybercrimes.
Staying Safe on Internet
Internet is the
playground of Hackers and Malicious programs, To be safe on the internet we
have to follow some basic rules.
1.
Always Use
Genuine Antivirus/Internet Security Software Regularly Updated with Internet.
2.
Keep your
Firewall ON and Updated.
3.
The Browser
should be kept free from toolbars which get automatically installed on your
browser.
4.
Never Save
Your Passwords on your Browsers and Instant Messengers like Yahoo, Google, and
Skype etc.
5.
Keep your
Browser Temporary Cache, Cookies Clear on Regular Basis.
6.
While
Browsing Don't Install Shortcuts and Toolbars from Pop Ups and Ads.
7.
Don't
Download Pirated Stuff from Untrusted Sites. (e.g. Music, Videos, Free Software)
8.
Always
Install Software's Available at the Parent Sites.
9.
Don't Click
on Suspicious Links/Hyperlinks Which Are Luring and Tempting.
Career in Cyber security
According to naukri.com there are 5800 vacancies in field of cyber
security and network security. Cybersecurity
is one of the hottest fields in technology today and the trend will continue
for the foreseeable future. As noted in a “Best Jobs” article on the CNN Money
website, cyber security is among the top ten fastest growing careers in
America, with a 27% growth rate. All
industries, from retail sales to hospitals to power plants, are dependent on
information technology (IT), and cybersecurity is critical to ensuring IT
assets are protected.
The Certified
Ethical Hacker is a professional certification provided by the
International Council of E-Commerce Consultants (EC-Council.)
An ethical hacker is usually employed by an organization who trusts him
or her to attempt to penetrate networks and/or computer systems, using the same
methods as a hacker, for the purpose of finding and fixing computer security
vulnerabilities. Unauthorized hacking (i.e., gaining access to computer systems
without prior authorization from the owner) is a crime in most countries, but
penetration testing done by request of the owner of the victim system(s) or
network(s) is not.
A Certified Ethical Hacker has obtained a certification in how to look
for the weaknesses and vulnerabilities in target systems and uses the same
knowledge and tools as a hacker.
Companies like Google, Yahoo, IBM, etc. always look for people who can
find vulnerability and bugs in their systems and pay a lot of money.
Government organizations like CBI, NIA, Indian Army and other defense
services hire many cyber security analysts every year and an ethical hacker can
always build his own career as a white hat.
By:-
Neeraj Negi
Amity University Rajasthan.
