- I.T. - The department that is responsible for security and the upkeep of the computers/ systemes. The a (white hat) hacker has to outsmart the IT department in protecting the information and more find holes in there fire wall to expose. Some white hat hackers get hired for IT because of bug bounties.
- USB - A small device used to store data and applications. A USB is a way a hacker can get into a system as seen in this article. It can also hold the information that the hacker is gained by hacking
- Hacker - A person who uses a device connected to the internet to obtain unauthorized information. This is what a white hat hacker is but they don’t do it to obtain information. They do it to protect the systems users and workers.
- Vulnerability - Easily attacked or weak. White hat hackers make system’s firewall and security less vulnerable. Also hacker get information through the system's vulnerabilities
- Execution - Carrying out a order or product. Hackers execute lines of code to hack and create viruses. Also they execute their orders if they are ordered to do something.
- Bug - A Error in a computer program or system Black hat hackers or bad hackers look for bugs in the security of systems to get information and or hack into a computer program or system. Also white hat hackers look for bugs and tell the companies about them to help the companies
What is a White hat hacker?
A white hat hacker is a hacker who hacks for a company. They help companies with security for their systems and applications. In an article from Wired article they said “ White hats are security researchers or hackers who, when they discover a vulnerability in software, notify the vendor so that the hole can be patched.” Also a Wired article stated “White hat hackers test companies cyber security by “hacking” them and showing them where they are exposed and how easy it was to get in there.” Hackers are sometimes rewarded in doing this with a paycheck and or some other form of reward. (picture is one of the many symbols for a white hat hacker)
Hackers vocab in paragraph above
How much do white hat hackers make?
White hat hackers are rewarded many ways but sometimes not rewarded at all. But in most cases they can make between $500-$100,000. One way hackers can find jobs is becoming part of a network. Mårten Mickos, CEO of HackerOne said during his interview with CNBC “white hat hackers has collected over $10,000,000 in bug bounties in the last 2 years”. Another way white hat hacker can make money is bug bounties as explained in a Fortune article “ The phrase refers to rewards (the bounties) paid to hackers who warn companies about flaws in their computer systems the (bugs). It's long been a popular concept at places like Google, but most non-tech firms opposed it, partly out of fear that a cash-for-hacking program would lead to trouble.” Hackers could also get a job as IT for the companies they get hired for. This shows the many way hackers are paid/ rewarded, and this is how most hackers make money legally. (picture represents a hacker)
IT vocab in paragraph above
http://fortune.com/2017/02/08/bug-bounty-hackerone/?scrlybrkr=b096dba5 Fortune Article
Interview With HackerOne CEO
"White hat hackers has collected over $10,000,000 in bug bounties in the last 2 years"
Is white hat hacking legal?
An article written by Ian Sutherland where he stated “ Most organisations believe that the act of authorising an ethical hacker to test a company’s defences is enough legal protection to justify both sets of actions: firstly, the action of hiring an ethical hacker and secondly, to provide necessary cover for the questionable activities of the hacker, who in turn believes they are justified by the fact that they are acting in the best interests of the company who hired them.” He also said “Companies hire ethical hackers because they need to test their security. By granting their permission to the pentest, they effectively cover their corporate eyes and ears while these tests are carried out. See no evil, hear no evil. And at the end, the ethical hacker presents a nicely polished report pointing out the weaknesses and associated recommendations. What the company has no idea about is how many laws they have enticed the ethical hacker to break to get to this point. The ethical hacker may not know or, more importantly, may not care about the laws that have been broken.” As a result from my research I have decided it depends on the hacker if it is legal or not. Some hackers even after they do help companies look for bugs, turn around and take control of someone's profile for fun. But that is why companies hire them? (picture of code hackers used to get information)
Bug Vocab used in video above
Who uses White hat hackers?
Hundreds of companies use white hat hacker to keep their information safe. CBS news reported “ She met with Mike Santillana, 27, a security researcher who makes money hacking into systems of major companies, such as Google, Twitter, and Apple.” A article from CNBC stated” Purdue professor Gene Spafford, a veteran of cybersecurity education who has also advised government agencies including the NSA, FBI and Air Force. Spafford noted though that — as with most graduate school programs — most of his students are not U.S. citizens.” The US government is the one of the many leaders in employing white hat hackers. They are also moving towards creating a branch of a military. ( Picture shows the many devices hackers can get info from and even hack with)
Will White hat hackers become part of the military?
A article posted on the Register discussed this ” Security experts reckon the US government’s newly unveiled "Hack the Army" bug bounty programme may usher in greater co-operation across the whole arena of security research.The US Army will offer cash rewards to hackers who find vulnerabilities in selected, public-facing Army websites under the scheme, which builds on the US military’s previous "Hack the Pentagon" program.” I think from this article white hat hackers are already part of the military, they make the military's networks and information more secure. Also they are being paid to “hack” in the Pentagon and other areas of the US military. The article also mentions HackerOne a white hat hacker network “ HackerOne, a security consulting firm under contract with the Pentagon, will invite security researchers and bug hunters to participate in the Army challenge. US government civilians and active duty military personnel will also be authorised to participate.” My thoughts on this are maybe hackers would execute viruses on computers of terrorist so they can no longer recruit vea the internet. (picture of pentagon US military's headquarters)
Execute vocab in paragraph above
Brown , Justine. “White hat hacker gets $40K for finding Facebook vulnerability.” CIO Dive, Industry Drive , 20 Jan. 2017, www.ciodive.com/news/white-hat-hacker-gets-40k-for-finding-facebook-vulnerability/434405/.
'Bug bounties' reward white-hat hackers.” Irish Times 21 July 2015, Proquest, Irish Times https://search.proquest.com/docview/1697337119?accountid=42214
Francis, Ryan. "How White Hat hackers do bad things for good reasons." CSO Online. CSO, 11 Jan. 2017. Web. 26 Jan. 2017. http://www.csoonline.com/article/3155914/social-engineering/how-white-hat-hackers-do-bad-things-for-good-reasons.html?nsdr=true
Mickos,Mårten. "HackerOne CEO: White Hat Hackers 'Like A Neighborhood Watch' | CNBC." Youtube. CNBC, 20 OCt, 2016. https://www.youtube.com/watch?v=q8JB-ausv2o&scrlybrkr=8f0bacd7&spfreload=10
Roberts, Jeff John. "The Air Force's New Mission: Pay Friendly Hackers." Hack the Air Force Program Launches for White Hat Hackers | Fortune.com. Fortune, 26 Apr. 2017. Web. 18 May 2017. <http://fortune.com/2017/04/26/hack-the-air-force/?scrlybrkr=64746df0>.
Zetter, Kim. “Hacker Lexicon: What Are White Hat, Gray Hat, and Black Hat Hackers?” Wired, Conde Nast, 13 Apr. 2016, www.wired.com/2016/04/hacker-lexicon-white-hat-gray-hat-black-hat-hackers/. Accessed 16 Feb. 2017.