Posted in Community :
Web Security experts
|
||
|
Source : http://www.livemint.com
Activity:
1 comments
143 views
last activity : 07 06 2010 20:18:04 +0000
|
||
|
|
A 22-year-old entrepreneur lays bare the difference between legal and illegal intrusion into a website and the growing demand for the former
Shocking but true, asserts Ankit Fadia, who himself is a hacker. Only, he claims he hacks with the knowledge of the authorities, who, in fact, use his services to catch other hackers. Set a thief to catch a thief, they say. Fadia claims law enforcement agencies in India and abroad have used what he calls his ‘ethical hacking’ services to decipher an encrypted message from cyber criminals. But isn’t willing to substantiate his claim with documentary evidence. What is for sure, though, is that he has written a number of books on ethical hacking that have been well received and runs government-approved courses in the subject in Malaysia, India and China. Nishu Kakkar of Livemint.com asked Fadia what exactly ethical hacking was all about and why it held the promise of a lucrative, yet legal career. Edited excerpts:What does ethical hacking involve? How can it ever be ethical in the first place, and what makes it a good career option?The job of an ethical hacker is to get into the mind of the computer criminal or cracker, think like him and come up with innovative methods to protect computer systems from him. Within minutes, a single computer intrusion is capable of causing losses to the tune of millions of dollars. You know, even an 11-year-old Russian kid was able to change the path of NASA’s latest spaceship. Ethical intruder: Ankit FadiaWith a significant rise in cyber crime across the globe, there is a growing demand for skilled ethical hackers who can protect Internet users from cyber criminals. Information Security (IS) services were worth around $8 billion in 2001, and $23.6 billion in 2006. And there is a corresponding increase in the demand for IS professionals. A Nasscom report pegs the current requirement at over 18,000 in India and over 60,000 worldwide. This is estimated to grow to over 77,000 in India and 188,000 worldwide by 2008.When did you first turn to hacking? What was it that spurred your interest? I got a computer when I was 10 years old. I must have been only 12 when I got interested in hacking but can’t really remember what the trigger was. I guess the power of forbidden fruit is so attractive, especially to young minds (laughs). You know, I published my first book, An Unofficial Guide to Unethical Hacking, when I was only 14. I’m quite happy that I have been able to convert my hobby into a profession. In fact I am so passionate about it that I have been spreading awareness about computer security for the past eight years through my books and seminars. These certified courses that I have started are the latest initiative. I have partnered with Career Launchers to start India’s first certification course, Ankit Fadia’s Certified Hacker Course. I have also tied up with IIMT Ghaziabad to start a one-year diploma in cyber security. And the response to both courses has been quite positive. India is has an edge in the IT space globally and a talent pool of ethical hackers and security experts from this country would complement the existing resource of IT professionals. Were you ever concerned what you were doing was illegal? Whenever I talk about hacking, people think of it as a crime. But in reality, I think the computer world has two types of people — the good guys whom I call the ethical hackers, and the bad guys, or the crackers. Ethical hackers are the heroes in a masala Bollywood film. They work with the cops to protect the interest of the people. Crackers are the villains. They steal credit card information, infect systems with viruses and generally create havoc on the Internet. I belong to the first category. The adjective ‘ethical’ seeks to do away with all the negative connotations people attach to the term hacker. Okay Mr. Ethical, tell us what your tribe has achieved so far. Ever heard of this cyber criminal called Keven Mitnick? He broke into a couple of bank sites and stole thousand of credit cards. The FBI nabbed him a few years later. He was cooling his heels in prison when, one fine day, the FBI approached him and offered to release him if he agreed to work for them. He did, and so, I think that makes him one big hero — someone who crossed the big fact line that distinguishes us ethical guys from the crackers. Did you also cross that big fat line? No. I’ve always been on the positive side of hacking and have never even thought about entering negative territory. In fact I’ve written 13 books on the subject that have sold 2.5 million copies worldwide. I have attended more than a thousand seminars and trained over 10,000 students the past few years. Come on. Surely the devil would have tempted you? On second thoughts, yes. I have done some bad stuff but I haven’t consciously harmed anyone. I broke into some websites without permission but made it a point to inform the system administrator via email describing the hows and whys of my action, following it with counter measures. And how did your ‘victims’ respond to your hows and whys? I got some interesting reactions. I recall one of the largest computer magazines called ‘The Chip India’ offered me a job. When I told them I was only 14, they asked me to come back to them after four or five years. That was my first call for a job. How do you feel when you hack a website ethically? I’m sure you also do it for fun every once in a while? Yes, I do like playing with websites. It all started off as a hobby, remember? On a serious note though, I am very clear about my ethics. I respect the rights and wrongs and have never ever harmed a website. I think I have reached a level where I can simply transfer money from somebody else’s account into my own but have never ever done this more for the fear of not being able to see my face in the mirror than fear of the law. Fine, but what about the people you teach? Not all of them will think the way you do? Whenever I organize seminars or conduct these courses, I am not afraid people will misuse the knowledge, for two reasons. First, I make things look very, very easy and use this to drive curiosity. Second, I have been doing it now for two years, so I know how to go about it. I can assure you, when people try to do it on their own they won’t know how to crack. So what’s the big deal? Why spur their interest first and then disappoint them by not giving them all the knowledge? It isn’t a gimmick. I just want people to know cyber crime is a reality and an efficient, motivated criminal can do it as easily as I can. But what if out of a 1,000 students, 100 acquire perfection and even 10 turn out to be rotten eggs? Yes, that’s a possibility I hadn’t discounted. But I think one can’t just sit back and simply not take a risk. In any case, if I basically have a criminal mind, I’d go anywhere to learn how to crack if Ankit Fadia isn’t going to teach me everything. You can’t stop a knife manufacturer from making his product only because a murderer can use it to kill, can you? What about the surgeon who uses the same knife to save a life? How can anti hacks get better? I think three or four things should happen to improve security in India or even globally. Firstly, awareness campaigns must be implemented in schools and colleges, and in companies. Secondly, cyber laws in India must be revised to make enforcement more proactive and the government should train cyber cops to apprehend offenders. It is much more difficult to catch cyber criminals than it is to catch other offenders. Thirdly, there should be some sort of tax incentive for companies, such as banks, airlines and others who rely on the net to boost their top lines to implement security systems. Companies that are lax could be penalized. How come Russia and Ukraine are known as safe havens for crackers?These two countries have no cyber laws to speak of. So a large chunk of the cyber crime originates from there. Also, a lot of criminal tools are available at their websites. Many countries where cyber crime is rampant are caught up in political problems, so issues like Internet laws take a back seat.How vulnerable are we to hacking today?Today, we are more dependent on technology than we have ever been before. It is difficult to imagine a life without computers, ATMs or cell phones, isn’t it? Techie-crooks know that and will exploit every means to cheat people of their money. If security systems have become more complex, so has tech crime, which is why the need for awareness and constant updates on the latest anti-hacking technology.Have any of your projects ever been hacked despite your having provided the best security systems?Oh, plenty. Like I said, computer security is a constantly changing field and you need to update yourself constantly to keep one step ahead of the criminal. But each failure served as a reminder that there is much more to learn, and that I ought to update my knowledge and try again. How do you update yourself? That’s the fun part. I’m sort of playing the role of a double agent. I work with police agencies and the corporate world, so this gives me a fair idea about what I should do to protect Internet users. At the same time I also network with the informants in the underworld — the Khabris — so I know what criminals are up to as well. I think ability of being on both sides of law gives me an edge. You’re still very young. Where do you think you’ll be 10 years down the line?You’re interviewing me for a job (laughs). Today, I am an entrepreneur engaged in the business of computer security. I have a consultancy in Malaysia and an education company in India. And I am based in China. I write books and conduct seminars/ events on security. I am planning to enter other fields as well. For instance, I am writing on a script for a movie on computer hacking. It’s a thriller — you know, the slick Hollywood kind, not the masala musicals of Mumbai with grown-ups running around trees. I will also be setting up a restaurant in Mumbai and getting into real estate development in a small way.TrackBack URL:
1 comments on "Web Exclusive | ‘Ethical hackers are good guys who protect people from cyber crime’"
Sort by:
Most Recent
Top Rated
Commented by
Samir Nigam, Sr. Software Engineer , SRM TECHSOL Pvt. Ltd.
| 08 03 2008 21:35:10 +0000
Report Abuse
Not Rated
Found the article
"Web Exclusive | ‘Ethical hackers are good guys who protect people from cyber crime’"
interesting ?
Share with your connections and communities
Leading Training Institute
- Get advice for Courses on Offer
- Create a confidential Profile online
- Maximize awareness of and access to the best career opportunities
Viewers also viewed
|
|
A group of hackers called Anonymous has come to help all who are fighting against corruption.... |
|
|
1688 referals
49 arguments,
1360 views
|
|
|
not ethical vs ethical |
|
|
677 referals
57 arguments,
4966 views
|
|
|
Trend Micro has recently released a report that exposes the presence of 25,000 Indian email... |
|
|
55 referals
13 comments,
745 views
|
|
|
|
|
|
|
Recent Knowledge (13)
|
|
Facebook will have market value of $234 billion by 2015, up from its current valuation of $85... |
|
|
872 referals
22 comments,
490 views
|
|
|
Guys, I got this information on A.I sharing with you....hope it will be useful.... |
|
|
1866 referals
17 comments,
772 views
|
|
|
Why the pen is mightier than the keyboard: Children who write by hand 'learn better than those... |
|
|
382 referals
10 comments,
205 views
|
|
|
|
|
Sponsored Jobs
More From Author
yes what you have mentioned is really true if proper info is provided then this replaces inventory, today one is able to get info on the demand that will be there in the market in the next fiscal year, by which one will not exceed the supply mark,... |
You need to create relationship with influentials. There are a group of people who can help in influencing your customers, make optimum use of them. |
E-business Sins ? What mistake should an entrepreneur avoid while taking his business online as lots of businesses have walked the path of taking business to internet and many have failed. Lets learn from them so that we can avoid those...Share... |