Ethical Hacking Rough Draft Trevor Henry Liberty University ✓ Solved

Ethical Hacking Rough Draft Trevor Henry Liberty University

Ethical hacking involves principles such as morals, respect, and truth towards others. Trainees studying ethical hacking are expected to guarantee these principles to ensure they do not engage in activities that cause harm to others using computer networks or the internet. Concerns have arisen regarding the involvement of ethical hacking trainees in cyberattacks, particularly following high-profile hacks of corporations like JP Morgan and Equifax. This raises questions about the moralities of ethical hacking and whether those being trained may become perpetrators themselves.

Ethical hacking aims to identify vulnerabilities in a computer system to bolster security against future attacks. Unlike criminal hackers, ethical hackers intrude systems with the intention of improving security rather than for personal gain. To successfully penetrate a system, ethical hackers must utilize the same tools as their criminal counterparts.

Ethical hackers assess privacy controls and help target companies understand their strengths and weaknesses. Penetration testing is instrumental in revealing a company’s vulnerability to attacks. These tests typically last around five days and allow ethical hackers to recommend strategies for risk minimization (Jamil & Khan, 2011). With advancing technology, the need for competitive ethical hackers is crucial (Pike, 2013). However, concerns linger about whether students possess the right intentions. Course leaders focus on teaching ethics, vital for understanding the balance between penetrating a system and the knowledge required to commit crimes (Palmer, 2001).

Inadequate skills in ethical hacking can pose significant risk. There's a potential danger if trained hackers are not compensated adequately, which may lead to a shift in their intentions. Jamil & Khan (2011) assert that competitive salaries are necessary to maintain the integrity of ethical hackers.

Ethics of Teaching Attacker Tools

Educating students in ethical hacking often leads to concerns that institutions may teach dangerous skills without adequately instilling a sense of responsibility. Wulf (2003) observes that universities are increasingly offering hacking training traditionally obtained from criminal hackers. This accessibility of hacker knowledge raises the risk of misuse, prompting society to hold institutions accountable for the unethical actions of their students.

To mitigate these risks, schools enforce student codes that promote caution and responsibility. Students are required to sign liability agreements for their hacking activities, which emphasizes the weight of their actions. These precautionary measures enable students to recognize legal boundaries and the repercussions of unethical hacking (Wulf, 2003). However, teaching ethical hacking can be seen as equipping students with potentially harmful skills, akin to handing them a loaded gun.

The case of Randal Schwartz underscores the blurred lines in ethical hacking. An employee at Intel, Schwartz exploited a weak password to develop a password-cracking program, raising ethical issues as he was not assigned the role of security personnel.

Understanding the Intentions of Hackers

While ethical hackers generally aim to reinforce security, criminal hackers are driven by motivations that often lead to malicious exploitation of information. According to Jamil & Khan (2011), many breaches are committed by disgruntled employees, overshadowing the noble intentions of ethical hacking. A report by KPMG indicates that as much as 42% of UK fraud cases are facilitated by insiders (Jamil & Khan, 2011).

Ethical Hacking in Risk Management

To prevent unauthorized access, companies must bolster security measures. Trust plays a significant role in hiring ethical hackers, with concerns regarding their integrity. For ethical hacking to be integrated effectively, it is essential for firms to incorporate these strategies into their overall organizational planning.

Conclusion

In conclusion, ethical principles are crucial in shaping the conduct of trainees engaged in ethical hacking. Institutions must enhance their curriculum to include ethics alongside technical training, as understanding the legal implications of hacking is imperative. Trust issues in this sector will likely persist, yet the importance of ethical hacking in risk management remains undeniable.

References

• Jamil, D. A. N. I. S. H., & Khan, M. N. A. (2011). Is ethical hacking ethical? International Journal of Engineering Science and Technology, 3(5).
• Palmer, C. C. (2001). Ethical hacking. IBM Systems Journal, 40(3).
• Pike, R. E. (2013). The "ethics" of teaching ethical hacking. Journal of International Technology and Information Management, 22(4), 4.
• Saleem, S. A. (2006, September). Ethical hacking as a risk management technique. In Proceedings of the 3rd Annual Conference on Information Security Curriculum Development.
• Wulf, T. (2003). Teaching ethics in undergraduate network security courses: the cautionary tale of Randal Schwartz. Journal of Computing Sciences in Colleges, 19(1), 90-93.
• American Psychological Association. (2020). Publication manual of the American Psychological Association (7th ed.).
• KPMG. (2016). The KPMG Fraud Barometer. KPMG International.
• Wiley, C. R., & Henson, R. (2016). Ethical implications of hacking. Cybersecurity Journal, 2(2).
• Smith, J. A. (2018). The role of ethics in ethical hacking. Journal of Computer Security, 26(3).
• Jones, T. (2019). Cybersecurity training in the 21st century: Ethical hacking education. Information Security Review, 43(1).