Becoming an Ethical Hacker

Becoming CEH

There was a time , where the number of computers on earth roughly exceeded 10 , and the number of programmers was just around hundred or so .
This wasn’t long ago , it has just been about 70 years , when ENIAC , the first computer was invented in 1946 [1] (early calculators and the abacus and early inventions that lead to the first computer are not accounted for , and big thanks to Alan Turing who is considered the father of programming) !

In these 70 years , we didn’t even have the Internet until just around the late 60’s , and the current internet infrastructure was never conceived with piracy and cyber attacks in mind [2].

The technology is so rapidly advancing and growing no doubt , and so is hardware and software :
hundreds of programming languages , dozens of protocoles , tens of operating systems , multicore computers , CPUs , GPUs …
Through the ages technology is constantly evolving, creating space for developments, both good and bad ..
All of this is a bit terrifying for an experienced computer user , because we know how big is the amount of things we don’t know yet , but it is definetly more terrifying for any normal computer user , because you won’t even know what hit you .
From identity theft , to trojens , to to financial disruption , the things a black-het hacker can do are so vast and so harmful , so distructive ..
Have you seen Mr. Robot? if it looks like dystopia or scienc-fiction , let me assure you friend , it is not .
White hat hackers around the globe are constantly fighting such attacks , from DDos attacks that can make entire companies not able to perform services online , to crashing databases and stealing users passes and credits , even to hacking aireport systems , the consequences are deeply severe , and we have to stand up for a better secure world .

All this may sound logical and we should be all cheering for white-hat hackers , the “heroes” that saves the day behind the scenes , but if we started talking about how vast the domain of IT is , and how rapidly it evolves , what does it really take to be a white-hat hacker? what skills do I need to even the field and become on the same wave-length as black-hat hackers who seem to come up with new vulnerabilities every single day ?

I) White-Hat Hacker Skills :

Do not panick , but a good efficient white-hat must have multiple skills in fields that are so different and so vast , from AI , to IoT , to Cloud Computing !

1/ Artificial Intelligence :

AI is no longer sc-fict , we are living in that future of self-driven cars , to fully automated inhuman factories[3] , AI runs them all , it even runs our daily routine tasks such as parking cars , elevators and smart homes .
The domain is vast , and so are the vulnerabilities , imagine if a hacker can gain controle over your car and crash it , or gain controle over hotel systems or even your home !
But , as can black-hat hackers use AI and Machine Learning to exploit vulnerabilities , so can a white-hat !
Have you heard about Facebook who now monitors abusive posts and manages security threats through AI ?[4]

In the last F8 conference , Mark Zuckerberg announced that facebook is now using AI to fight back attacks[5] from spammers who just want money to fake accounts used to share fake informations and shifting public opinion (the Us elections as an example).
So basically , the fastest solution to identify vulnerabilities and security flaws is to use AI and Machine learning .

2/ Internet of Things :

By 2020 , the number of connected devices will exceed 31 billion devices worldwide [6].
From smart watches , to smart fridges , even to smart thermometers , every little gadget we have will be accessible online and connected to bliions of others .
The threat is so big : what if a hacker can access not one or three of these , but millions ?
This can cause massive DDos attacks , massive data collection , among dozens of threats .
Many cases can testify to this threat :

* In a North American casino , hackers managed to transfer data to a device in Finland, through an internet-connected thermometer from an aquarium in the lobby ![7]
* A team of researchers managed to hack and take control of a Jeep SUV using various entry points. The first infiltration was through the car’s Wi-Fi where they finally took control of the head unit’s system ! [7]

Imagine the threat we are now facing , if a hacker manages to take control over airplanes and crush them into shopping centers and stadiums .. it is our job as white-hat hackers to stand up for this distructive behaviour and insure a secure world where gadgets are used to make life easier and not to threaten it .
Every white-hat should have the right skills to fight IoT hackers , and fight them right from the begiing by making each newly developed system as secure as it can be through pentesting and Vulnerability Assessment to deal with flaws and risks .

3/ Cloud Computing:

The Cloud is the data mine of any hacker , keep this thought in mind , we will come back to it .
In 2006 , when large companies such as Google and Amazon began using “cloud computing” to describe the new paradigm in which people are increasingly accessing software, computer power, and files over the Web instead of on their desktops , cloud computing appeared [8] .
Since then , it has been the hottest buzzword in technology ever since , appearing on internet searches over 48 million times !
Who coined it ? who started it ? when? you will get multiple answers , multiple dates , but what you have to know is the following : the implementation of cloud computing is bringing each organisation closer to digital transofrmation , but it is a mine of passwords , emails , bank account details … if left unprotected , a hacker who gains access to such data , will cause great deal of threat !
In august 2013 , yahoo had a data breach where 3 billion accounts – including email, Tumblr, Fantasy and Flickr – were hacked ! [9]
Remember when we said that the cloud is the data mine of hackers? I guess now you get the picture
3 billion people where hacked in a single day , that has to count for something , right?
The number of attacks on cloud-based accounts has increased by 300% as the security report published by windows shows [10] .
If all this should count for something , it should be that white-hat hackers must have the right set of skills to fight this type of attacks and be able to secure the cloud services of a given company .

II) How can I become a white-hat hacker?

As simple as it gets , you can now become a Certified Ethical Hacker (C|EH) !
Join any training session organized by Tunisian Cloud , we offer a variety of sessions and different skills and offers all studied to make YOU a white-hat hacker with the right skill-set to be able to make the world safer and deal with growing evolving threats !
Check out our calendar , and don;t hesitate to conatct us !

Sources :