I get a lot of inspiration from reading articles, posts and conversations on LinkedIn about my field, Cybersecurity. Recently, a fellow security professional and friend posted an important correction regarding the use of the term “hackers” and how he is tired of the term being used negatively, since he considers himself a hacker and is by no means a bad guy. That made me realize that the term hacker gets thrown around in a way that paints all hackers with the same brush stroke.
Thanks to the media, news, television, and movies, a hacker is typically depicted as a young man in a hoodie sitting in his basement (or his parents basement) or some dark corner of the globe punching away at a keyboard and effortlessly doing nefarious things like stealing identities, credit cards, intellectual property, and basically wreaking havoc.
The PSA I’m sharing today is that, in reality, that is the picture of a cyber-criminal. Hackers, like my friend and many security professionals I know, are the good guys and gals that walk amongst us every day with no intent to do harm.
These “good” hackers are security professionals hired to secure organizations and government networks by legally and with permission attempting to break in and identify their weaknesses so they can be fixed before an attacker or criminal does the same. These professionals are often known as penetration testers, and in some organizations, especially the government, they are known as the Red Team. They are trained and skilled at doing what is shown on television as something evil. There is even a certification called Certified Ethical Hacker.
On the other hand, people who break into networks and systems without permission, gain unauthorized access, steal information, and in some cases make the data unusable to the organization are criminals. You can call them criminals, cyber-criminals, attackers, or cyber attackers if you want to be accurate but calling them a hacker makes it sound like all hackers are evil when in reality there are so many hackers who are security professionals trying to help protect organizations through their skills of hacking.
The criminal and the security professional use the same techniques, same tools, and same knowledge, but they have different agendas. The intent behind their action is completely different.
The next time you post or talk about hackers, be clear who you are talking about. Are you referring to criminals and if so be clear about that and differentiate between those who are nefarious and out to do harm from those who are there to serve and protect.
If you want to learn a lot from a good hacker that I admire greatly, follow Chris Roberts on LinkedIn.
If you want to talk about having a Certified Ethical Hacker or cybersecurity professional help you ensure you are doing what it takes to keep the cyber attackers out email me at email@example.com.