
GLOSSARY

White Hat Hacker

A white hat hacker is a computer security expert who uses penetration testing skills to help secure an organization’s networks and information system assets. A white hat hacker is also known as an ethical computer hacker. White hat hackers work with information technology and network operations teams to fix vulnerabilities before black hat hackers discover them. White hat hackers operate with the permission of the organization and within the boundaries it has set.

White hat hacker activities are in sharp contrast to those of black hat hackers. Black hat hackers are threat actors that may operate alone or in groups and may be sponsored by nation-states and organized crime. Black hat hackers break into otherwise secure networks and information system assets with the primary purpose of stealing, destroying, or modifying data, extorting or stealing funds, or in some cases making the networks and information systems partially to completely unusable.

There are also gray hat hackers, who engage in hacking activity, usually without malicious intent. The challenge is that gray hat hackers sometimes violate laws or ethical standards, though they do so without the malicious intent of a black hat hacker. Often they may not have the consent of the owner. They might not report a vulnerability directly but instead may first request a fee to identify the exploit.

White hat, black hat, and gray hat hackers seek to identify vulnerabilities. White hat hackers seek to improve the defensive capabilities of the networks and information systems, while black hat hackers seek to exploit these same assets. The white hat hacker ultimately has the goals and objectives of a defender. The white hat hacker also knows the tactics, techniques, and procedures of the black hat hacker, giving them insight into the best ways to stop successful cyber attacks. In the final analysis, no one is better equipped to fight a hacker than another hacker.

White Hat Hacker Activities

White hat hackers generally use real attack techniques to find vulnerabilities proactively. The use of real attack techniques is the best way to determine the effectiveness of security defenses. The methods used by white hat hackers include social engineering, exploiting endpoint vulnerabilities, spoofing protocols, and much more.

White hat hackers spend considerable time learning new skills and techniques. In addition, they must stay current with technological developments and changes within the IT and network infrastructure of the organizations they help to protect. They may also spend time following threat actors’ activities, understanding their tactics, techniques, and procedures, and learning all they can about current and emerging threats. Finally, white hat hackers will also recommend specific security best practice improvements as a result of their activity.

Much of the white hat hacking activity focuses on early cyber kill chain [1] activity. As a result, white hat hackers often cannot move laterally into internal networks or perform data exfiltration. In addition, white hat hackers involved in penetration testing generally do not go deeply into the organization’s networks because of limits placed on the potential impact these activities might cause.

White Hat Hackers – Economic Rewards

White hat hackers are supported in several ways. In some cases, they may be directly employed by cybersecurity companies or by the security operations teams of large organizations as penetration testers. A full-time penetration tester position pays approximately $117,994 [2] in the United States (as of June 2021).

White hat hackers can also earn a living directly by collecting bug bounties. Many companies have set up vulnerability disclosure programs that encourage hackers to discover security vulnerabilities within their organizations. There are many bug bounty disclosures that have paid in excess of $100,000 to the discovering white hat hacker. White hat hacker activity allows these vulnerabilities to be addressed and fixed before they can be found and exploited by black hat hackers and other threat actors.

The DOD Embraces White Hat Hackers

In May of 2021, the U.S. Department of Defense (DOD) expanded its vulnerability disclosure program to include all publicly accessible DOD information systems [3]. The genesis of the program was the “Hack the Pentagon” initiative, which enabled the Defense Digital Service [4] to offer a bug bounty program to engage directly with white hat hackers. Prior to this, there was no way to easily notify the DOD if a vulnerability was discovered.

The original policy enabled white hat hackers to report on vulnerabilities in DOD public-facing websites and applications. The expansion announced in May 2021 allows for research and reporting of vulnerabilities related to all DOD publicly-accessible networks, frequency-based communication, Internet of Things, industrial control systems, and more. The DOD Cyber Crime Center oversees the program.

The success of white hat hackers in the DOD program has been exceptional. Since the vulnerability disclosure program’s launch, white hat hackers have submitted 29,000 vulnerability reports. Of these, over 70 percent were determined to be valid.

White Hat Hackers – Ethical and Moral Leadership

White hat hackers understand that ethical boundaries are important and must always be respected. White hat hackers are intellectually curious and often enjoy the challenge of finding holes in security systems. Their white hat status lets them satisfy this curiosity while helping to defend organizations. White hat hackers generally have a strong moral compass and seek to stop the malicious activities of black hat hackers. Many are cybersecurity professionals who have been white hat hackers throughout their careers. White hat hackers would never probe or scan a system without prior request and approval.

References
[1] https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
[2] https://www.indeed.com/career/penetration-tester/salaries
[3] https://www.defense.gov/Explore/News/Article/Article/2595294/dod-expands-hacker-program-to-all-publicly-accessible-defense-information-syste/
[4] https://www.dds.mil/
