Information security professionals can take preventive security practices to the next level by learning how to hack.

Not to be confused with malicious “black hat” hacking, ethical “white hat” hacking (also called penetration testing) identifies network security vulnerabilities and patch security holes before anyone can abuse them. Capella University School of Technology Core Faculty Brett Miller*, PhD, shares why ethical hacking is important, what it involves, and how to become an ethical hacker.

 

Why It’s Important

If you don’t understand how black hat hackers could get into your systems, you’re going to have a hard time securing them. Learning how to hack can help you implement the strongest possible security practices. It’s as much about finding and fixing security vulnerabilities as it is about anticipating them. Learning about the methods hackers use to infiltrate systems will help you resolve issues before they become dangerous.

Think of it this way: a computer network is like a yard with a fence to keep people out. If you’ve put something valuable inside the yard, someone may want to hop the fence and steal it. Ethical hacking is like regularly checking for vulnerabilities in and around the fence, so you can reinforce weak areas before anyone tries to get in.

 


 Interested in practicing your ethical hacking skills? Check out Capella’s Ethical Hacking Skills Challenge


 

What It Involves

Above everything else, successful ethical hacking requires being a master at problem solving. Understanding how computer systems and programming languages work is also essential because it’s easier to anticipate ways to exploit the system.

For example, a website may use a complicated, sturdy JavaScript-based authentication system to prevent spammers from submitting thousands of bogus support emails. An ethical hacking approach to testing may be attempting to disable the JavaScript language in the web browser (a widely available feature) and submitting a support email while ignoring the authentication process. Unless the programmers have designed the site to ignore non-JavaScript enabled systems, the spam email will bypass security. After identifying the security hole, the programmers can make the necessary adjustments.

 

How to Become an Ethical Hacker

Depending on your previous experience and desired outcomes, there are different levels of ethical hacking training available. Hack training sites such as hackthissite.org can help you sharpen your hacking skills, regardless of your experience level. For a deeper dive into ethical hacking and other network defense methods, an advanced degree is another option to consider.

 

Capella University is one of a select group of universities designated as a National Center of Academic Excellence in Information Assurance Education by the National Security Agency and the U.S. Department of Homeland Security. Check out Capella’s Master’s in Network Defense program.

*Interviewee Brett Miller is no longer with Capella