Associate feature: 5 minutes with an ethical hacker
BT's Konstantinos Karagiannis explains ethical hacking and why it's important to exploit vulnerabilitie
Ethical hacker? Surely that’s an oxymoron?
Not at all. We’re hackers who are employed to find security flaws in hardware and software by trying to break in to it ourselves, before the bad guys do. I like to say that an ethical hacker is someone with a burning need to solve technical puzzles – without fear of police breaking down the door. They call us white hat hackers.
So how do you become a hacker?
I was a hacker in my teens, in that I was curious and digging into code. Eventually, I learned I could do that professionally.
What skills do you need?
It’s part tech skill, part a way of thinking. If you enjoy breaking things to see how they work, that’s kind of step one. But then you have to master all major operating systems, languages, techniques and tools.
Is it a job with prospects?
Very much so. The world produces countless lines of code and sets up systems every nanosecond. It’s all done by humans, and we’re far from perfect so, of course, there are bugs in the system. There is a growing need for people with the best skills to find those bugs before they are exploited by cyberattackers.
Don’t developers worry that you will make them look incompetent?
Well yes – but in reality there has never been a bug-free application, and we are just there to test them. Some companies also dislike the idea of a stranger
in their networks.
Most hackers love vulnerabilities. That’s where you find something so devastating that a project has to be halted and re-engineered. I’ve had cases where I needed to call a stakeholder at an insane hour to warn them about something serious. Standout moments include being able to generate thousands of dollars in prepaid cards and being able to dump full records of all account-holders.
Do you find it satisfying?
Absolutely. You feel a rush that you found something before it caused a disaster. I believe in building the strongest, safest internet that we can. This global grid wasn’t built with security in mind. It feels amazing to help make it so now.
Download BT's latest report Dealing with the new EU General Data Protection Regulation