5 minutes with an ethical hacker
BT's Konstantinos Karagiannis explains ethical hacking and why it's important to exploit vulnerabilities
Ethical hacker? Surely that’s an oxymoron?
Not at all. We’re hackers who are employed to find security flaws in hardware and software by trying to break in to it ourselves, before the bad guys do. I like to say that an ethical hacker is someone with a burning need to solve technical puzzles – without fear of police breaking down the door. They call us white hat hackers.
So how do you become a hacker?
I was a hacker in my teens, in that I was curious and digging into code. Eventually, I learned I could do that professionally.
What skills do you need?
It’s part tech skill, part a way of thinking. If you enjoy breaking things to see how they work, that’s kind of step one. But then you have to master all major operating systems, languages, techniques and tools.
Is it a job with prospects?
Very much so. The world produces countless lines of code and sets up systems every nanosecond. It’s all done by humans, and we’re far from perfect so, of course, there are bugs in the system. There is a growing need for people with the best skills to find those bugs before they are exploited by cyberattackers.
Don’t developers worry that you will make them look incompetent?
Well yes – but in reality there has never been a bug-free application, and we are just there to test them. Some companies also dislike the idea of a stranger
in their networks.
Most hackers love vulnerabilities. That’s where you find something so devastating that a project has to be halted and re-engineered. I’ve had cases where I needed to call a stakeholder at an insane hour to warn them about something serious. Standout moments include being able to generate thousands of dollars in prepaid cards and being able to dump full records of all account-holders.
Do you find it satisfying?
Absolutely. You feel a rush that you found something before it caused a disaster. I believe in building the strongest, safest internet that we can. This global grid wasn’t built with security in mind. It feels amazing to help make it so now.
Download BT's latest report Dealing with the new EU General Data Protection Regulation
New teams, standards and projects are being launched, according to update provided to PAC
Grants available to support improvement of consumer assurance
Experts discuss what the lasting impact of the pandemic might be for government and the public sector
Cross-party group voices opposition to plans to ask members to return to Westminster
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
HPE examines the pros and cons of each solution
Stephen Twynam of Citrix argues that by adjusting Bring Your Own Device to Use Your Own Device, the sentiment shifts and the negative connotations of BYOD are alleviated
CyberArk's David Higgins explores the cyber risks of hiring independent contractors