In a world where harboring your most sensitive data on the internet is a convenient risk that everyone seems willing to take, the ramifications could actually be much more alarming than a stolen credit card number -- cyber attacks could dismantle society.
According to this year’s Worldwide Threat Assesment, written by Daniel R. Coats, the Director of U.S. National Intelligence, cyber attacks are the top danger to society, posing more of a global threat than mass destruction and terrorism.
“The potential for surprise in the cyber realm will increase in the next year and beyond as billions more digital devices are connected -- with relatively little built-in security -- and both nation states and malign actors become more emboldened and better equipped in the use of increasingly widespread cyber toolkits.” Coats writes in his report.
In 2017, the Identity Theft Resource Center reported a record-high 1,579 data breaches -- 44.7% more incidents than the previous record high recorded just one year before. Ponemon Institute, a research center dedicated to privacy, data protection, and information security policy, also reported that a single ransomware attack inflicted on a company that doesn’t even pay the ransom payment will cost them $5 million in lost productivity, due to the disruption of the company’s networks and computers.
With malicious viruses costing companies huge sums of money and skyrocketing growth in data breaches every year, it might seem like cybercrime laws are too flimsy to deter hackers. But in some states, certain cybercrimes are considered Class C felonies, which is equal to kidnapping and arson.
Unfortunately, cyber investigators are spread so thin that they only have time to work on casesthat receive a lot of media attention, affect government officials or celebrities, or lead to a loss of $200,000 or more. As a result, breaking a serious law doesn't make cybercriminals flinch even one bit. So how are companies securing themselves if order can’t?
Protecting a company’s cybersecurity requires the same skills as exploiting it. And to quickly find their own vulnerabilities and patch them up, businesses pay people to hack into their computer systems. It’s something called ethical hacking.
What is ethical hacking?
Ethical hacking is when companies, organizations, and government agencies hire white-hat hackers to identify vulnerabilities in their computer systems and help fix them instead of exploiting them.
The growth of ethical hacking is promising for the cybersecurity industry. It’s incentivizing the rare few who can hack into complex computer systems to use their technical chops for good. And hopefully, it’ll spark enough opportunity to help the light side of hacking shine brightly over the dark.
Originally published Dec 5, 2018 6:00:00 AM, updated December 05 2018