The hackers’ collective Anonymous in 2015 very publicly used their collective skills to firstly take up the fight against racial intolerance, hatred and violence. They did it by publishing the details of hundreds of alleged sympathisers of the white supremacist Klu Klux Klan (KKK) on the internet. Then, after the horrific attacks in Paris Anonymous declared they were going to retaliate against the Islamic State group. They launched Operation Paris, with the aim of tracking down and exposing members and sympathisers of the terrorist group.
The shift in Anonymous’s approach from generally causing havoc to a strong political and moral agenda is interesting. Whilst it is highly unlikely that Anonymous will become ethical hackers it is worth noting the skills they have and the vast benefit a member of Anonymous could bring in fighting and addressing the on-line threats all organisations face.
What is Ethical Hacking?
Ethical Hacking is a term widely used to define IT Security professionals who attempt to break into IT systems to identify weaknesses that could otherwise be exploited by malicious intruders. The customer and the hacker have a clearly defined agreement. Permission is granted by the customer for their systems to be hacked and usually a legally binding disclaimer is signed should the process result in significant damage or down time for the customer.
There are many famous examples where individuals convicted of crimes have been employed by the very same organisations they have previously committed crimes against. The true life story of Frank Abagnale, Jr played by Leonardo DiCaprio in the film “Catch me if You Can” highlighted the value that can be gained by utilising the services of an intelligent criminal who knows how to abuse systems and evade prosecution. In the end when captured Frank became a consultant and lecturer for the very same FBI that he had been evading.
There is no underestimating the value that being able to think like a criminal can have in protecting an organisation. However, it should be remembered that for hacking to be ethical it has to demonstrate benefits and be undertaken openly between consenting parties.