Automation Concepts
and Technologies, Inc.

Serving the Boston Area for 19 years 

What is Ethical Hacking?

The term hacker did not always have a negative connotation. As the story, goes a group of engineering students at MIT coined the word to describe a clever or ingenious prank or program, usually involving a computer. Hackers at MIT operated under an honorary code of ethics.

According to the MIT "hacker ethic," a hack must:

be safe
not damage anything
be funny, at least to most of the people who experience it
not damage anyone, either physically, mentally or emotionally
 

On the other hand, the word Cracker was originally used to describe people who gained access to computers for malicious intent.

Over the years misguided reporters misused the word Hacker so much to describe Crackers that the two words became interchangeable. Hacker finally became the more popular of the two. Now, any attempt to misuse or attack a computer system is considered Hacking.

An Ethical Hacker is an individual who is hired by an organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a Hacker. Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an Ethical Hacker and an organization, it is legal. The most important point is that an Ethical Hacker has authorization to probe the target. *

The EC-Council, The International Council of E-Commerce Consultants, certifies Ethical Hackers through training and testing. C-EH, Certified Ethical Hacker, is the one of the most sought after certifications in the security industry.

Today computer security has become a major concern for businesses. They want and need to be able to take advantage of the internet for advertising, commerce, and dissemination of information, but they are concerned about being hacked. The best way for these companies to evaluate the vulnerability of their systems is to have independent computer security professionals attempt to break into these systems.

Much like having an independent audit of the firm’s accounting practices and systems, a team of professionals will attempt to gain access to organization's systems. These teams of Ethical Hackers are often called Red Teams or Tiger Teams. They use the same tools and techniques as would be hackers, but they do not damage target systems or steal information. Instead, they evaluate the vulnerabilities in a company’s system and create a comprehensive report for the management and IT staff with recommended solutions.