In an incident in 2017, a hacker broke into the database of Zomato, India’s largest online restaurant guide, and accessed five important details – names, emails, numeric user IDs, user names and password hashes – of around 17 million users. The hacker then extended up the details for sale on the dark net before entering into negotiations with the firm. The event set alarm bells ringing in the country’s cyber security network as internet users often use the same passwords for multiple accounts, including social network sites, mailbox services and banking.
Quickly after which Zomato posted a string of blogs with information of what had gone wrong. It also stated that the security breach in this case was the doing of an “ethical hacker” who solely intended to draw the company’s attention to the vulnerabilities of its database and to persuade it to launch a bug bounty programme – thus reviving focus on a subject that has gained prominence in the area of global cyber security in the past few years.
A bug bounty programme, also known as a vulnerability reward programme, is a deal offered by various websites and software developers; here individuals can receive remuneration, in cash or kind or in terms of recognition, for reporting bugs. These programmes have been put to experiment now not only by firms like Google, facebook and Microsoft but also government and security agencies in some countries. The willingness of entities to invest in this area for cyber security has made the demand for ethical hackers go up. Indian hackers fare high on the charts globally both in terms of numbers and payout in these programmes. For instance, Facebook invested nearly $5 million on bug bounty programmes between 2011 and 2016 and the top three nations basis the number of payouts were India, followed by the US and Mexico.
Considering the rising popularity and demand of ethical hackers, let’s get enlightened more on this career path, what it demands, what it rewards and how one can become an ethical hacker.
There are various kinds of hackers. We differentiate them on the basis of their intention of hacking a system. Ethical hacker is one of the types of hackers. They are also known as “White Hat Hacker”.As the soldier protects the country from the outside enemies same ethical hackers do for the organization. An ethical hacker protects the computer system and confidential information of the organization from the black hackers. They work for businesses and government organization. In IT industries they are on high demand which means that the ethical hackers will get handsome package of salary and will enjoy other benefits too.
Job Profiles in Ethical Hacking
The opportunities in the area of cyber security are increasing with numerous companies becoming increasingly aware of the necessity for online security. The major areas of work include financial services security, wireless network security and information security in businesses among others. After attaining the much coveted CEH v10, an ethical hacker can try for the following roles:
- Information Security Analyst
- Security Analyst
- Certified Ethical Hacker (CEH)
- Ethical Hacker
- Security Consultant, (Computing / Networking / Information Technology)
- Information Security Manager
- Penetration Tester
Becoming an Ethical Hacker
The requirements to become an ethical hacker will totally depend on the current field of work or study of an individual. Most of the jobs would require you to have a Bachelor’s degree in IT, computer science or other cyber security related field; exceptions are made for candidates having a decent knowledge of OS, databases, and networking. Earning certifications like CCNA, CISSP and ultimately CEH will allow an aspirant to market themselves as an ethical hacker. The most-trusted body that you can get certified with is the EC Council. One needs to sit through exams and fulfill other eligibility criteria to be able to achieve the certifications.
Here, the good news is that one does not need to necessarily be a programming expert or from a computer science background to learn and pursue ethical hacking. To don the white hat, one needs to start learning and gaining the following skills:
- Basic Programming Knowledge say languages like PHP, Python, Javascript etc.
- Fundamental IT Skills
- Networking which includes elements like proxy, VPN, processes like NAT and IP addressing etc.
- Knowledge of key concepts like Vulnerability Assessment and Penetration Testing, SQL injections etc.
- The world of hackers changes quickly so they should update themselves by continuous learning and by polishing their skills.
Top Ethical Hackers in India Ethical hackers are highly valued by the organization as they protect organization’s confidential details from the outside hackers. Some of the faces in this area in India are: Vivek Ramachandran: A graduate from IIT Guwahati, his area of expertise includes computer and network security, wireless security, computer forensics, and e-Governance. Ankit Fadia: With specialization in OS and Networking based tips and tricks and proxy website, Ankit has a number of achievements to his name in this field. Trishneet Arora: Few of his clients are Central Bureau of Investigation, Reliance Industries, Gujrat Police and Punjab Police. Arora helps the Punjab and Gujarat Police in cyber crimes, for which he has also conducted training sessions with Police officials. Sunny Vaghela: Having been solved numerous challenging cases; some of them include credit card fraud cases, big data theft cases, phishing cases and Orkut fake profile cases. He also assists companies in financial sector, E-commerce, logistics, and media. |