Does ethical hacking exist?
The technical definition of ethical hacking is what distinguishes the true meaning of the term. Ethical hacking is when a company pays a security expert to hack into its own systems, which is perfectly legal. It’s a way to test out its security infrastructure and see if it is impenetrable (something that is rarely true).
The term “hacking” has lost its original meaning, dating back to those movies that made it seem like a data centre was some mythical, dark place in a basement with gleaming red lights and not a dull row of HP servers in a brightly-lit wing of a corporate office. You can now “hack” your microwave or “hack” travel. You can “hack” your sewing machine. Those are not bad things. In fact, the word “hack” is an extremely positive word, something you do to make the world a better place.
Yet, think about the “ethics” of ethical hacking. The issue with the phrase “ethical hacking”, and not with controlled tests, is that it’s meant to find out whether a system can be hacked. There are too many young and impressionable coders who may be drawn to the idea of hacking as a way to prove something can be done or to reveal the holes in a security system. A huge concern to acknowledge is that people will misunderstand the phrase “ethical hacking” and think it gives them a license to hijack computer systems in an uncontrolled way and commit a crime. Does making the tools for “ethical hacking” much easier to obtain mean that a company could be held liable when someone uses those tools for a real crime?
The fine line that could be ignored is that “criminal hacking” and “ethical hacking” are roughly the same thing. The person doing the hacking might be ethical; the hack they are doing without the consent of the target in question is not all that ethical.