Tuesday, September 19, 2006

Hackers for Hire

INTERNET has created many jobs which were unheard of before and ethical hacking is one of them. ‘Hacker’, an originally negative term, is used for people who break into computers for fun, revenge, or profit. So who’s an ethical hacker? “Virtual security is now major concern for organisations and governments. Many companies have began employing hacking experts who can find security loopholes, without damaging the system. These people are known as ‘Ethical Hackers’.” Successful ethical hackers possess a variety of skills.“Honesty and trust are the keywords. While testing client’s security systems, the ethical hacker has to be discreet about potential client information, which if publicised, could lead to real intruders breaking into the systems leading to financial losses for the company.” A software professional, says it’s the hacker’s job to see that the system is secure on all fronts. “An ethical hacker answers basic questions on what systems are easy targets, how can the information be misused, etc,”
But with so many former hackers getting such jobs, aren’t there incidents where the ethics are compromised and the guard becomes the thief himself ? Sanjay senior network consultant at a school training ethical hackers, feels that’s the reason one should be careful while appointing past hackers. “Just as a robber can be the best crime buster. When you have been a hacker, you know the workings of a hacker’s mind. Who better to protect the system than a hacker then?” So how do the organisations address this problem? Proffessionals thinks it is dangerous for any company to believe they have fool-proof security. “Most organisations need regular security updates.
Appointing a hacker and giving him the freedom to look for softspots, is the best way to ensure security.” It as the need of the day, and many companies are seeking hackers for pumping in their securities. “Even Bill Gates, has thrown a challenge that anyone who can hack patented software will be appointed in the company, what more proof is needed?”. The financial aspect isn’t bad either! “Any day a good hacker can fetch remuneration ranging from Rs 10,000 to Rs 30,000 a month as a security professional, and if you have talent.
posted by Joby on 6:33 PM | Permalink | 0 comments

Hackers Stolen the Neclear Secrets

Is it secure to store sensitive information on the internet???
A computer hacker in the US stole sensitive information on 1,500 people working for the nuclear weapons unit of the Energy Department in the United States, but neither the theft victims nor senior officials were notified for nine months, US administration officials acknowledged recently at a congressional hearing. The theft, at a National Nuclear Security Administration centre in Albuquerque, (New Mexico), involved names, Social Security numbers, birth dates and information on where the people worked and their security clearances.

The leak, on the heels of a much larger breach in the Veterans Affairs Department, is sure to raise new alarms about cybersecurity and may provide those opposed to such a heavy dependence on the internet in such matters more grist to attack. The disclosure of the breach and the fact that Energy Secretary Samuel W Bodman and his top aides were not told for months, caused outrage at a hearing of the House Energy and Commerce Committee subcommittee on oversight and investigations.

The National Nuclear Security Administration was set up in the Energy Department in 2000, partly in response to fears of Chinese espionage. It includes 37,000 federal employees, military people and contractors responsible in part for designing and maintaining nuclear weapons. Officials declined to explain in the public session why the 1,500 people affected were not told at once, but he promised to tell committee members more about that in a closed meeting. The loss of files with names, Social Security numbers and birthdays creates the potential for crimes related to identity theft.

The hearing did not make clear the outcome of the case. When accompanying data on security clearances and work stations is stolen, someone might glean enough information to “try to get people to do things they shouldn’t” through threats, blackmail or other pressure.
“Somebody’s ID has a real value, a monetary value,”
posted by Joby on 6:18 PM | Permalink | 0 comments