The typical image that comes to mind when imagining a hacker is most likely to be a person wearing a hoodie, sitting in a dark basement, and smashing away at a keyboard while sitting in front of multiple monitors, with green text on a black terminal. However, this depiction is the farthest thing from what they look like in reality. This stereotypical yet erroneous image has originated from movies and other media. We have been led to several assumptions about hackers which are untrue for the most part.
In the context of computers, a hacker is someone who makes the hardware or software work in a way that wasn’t previously possible. This includes logging into websites without any of the required passwords or analyzing them to find hidden data. There are even people who can hack into cars and satellites!
Another false stereotype is the fact that all hackers are bad guys. The word hacker is an umbrella term that encompasses both the bad and the good. There are primarily three kinds of hackers: Black Hats who do no good, White Hats who work only for good, and Grey Hats- who operate somewhere in between. Unfortunately, this fact is not well known, and many good hackers get grouped with malicious ones.
Ethical Hacking is a field that white hats generally partake in. It is a broad line of work that has many subdivisions, one of those being Bug Bounty Hunting. Websites such as Hackerone, Bugcrowd, and Intigriti are platforms that companies use to put up ‘Bug Bounty programs’. Hackers are then allowed to hack into their website or app and provide reports on any bugs or vulnerabilities that they find. They are then paid bounties according to the severity of the bug or vulnerability in question, based on how much it could potentially affect the company’s business or its users.
Many people have earned a lot of money by helping companies secure themselves through these programs. According to Hackerone’s stats from last year, six hackers have earned more than a million dollars through bug bounties alone. Very recently, a 14-year old boy was also awarded $25,000 from Facebook for reporting a vulnerability known as Cross-Site Scripting (XSS) that he found in an Instagram feature. A lot of Indians are actually in the Hall of Fame for the bug bounty programs of large companies like Google, Facebook, Microsoft, and Apple.
Penetration Testing is another profession that falls under the umbrella of Ethical Hacking. Companies hire hackers (also known as Penetration Testers) to perform attacks on their systems and report how secure their security systems are. Apart from these professions, there are many other areas of expertise in security such as malware analysis, digital forensics, and security architecture. While differing in specifics, all these fields involve white hats defending clients from the dark arts practiced by the black hats.
However, even in the presence of a multitude of security precautions, there still exists an ever-looming danger. Just as a chain is only as strong as its weakest link; humans can be both the strongest and the weakest link in a security system. In a recent Twitter hack, several celebrities found their accounts compromised. This hack was possible because the attackers received access to a tool meant to be used only by Twitter employees from none other than the employees themselves.
Though the damage caused to IT infrastructure by black hat hackers around the globe is undeniable, it is unfair to tag all hackers as bad and harmful. From personal experience, whenever I tell someone I want to be a hacker, I always receive negative responses. So, while it is uncertain when or even if this stereotype will change any time soon, I hope that this article can act as a step in the right direction towards improving the image of hackers in the public eye.