WHITE HAT OR BLACK HAT? - A QUICK OVERVIEW INTO THE WORLD OF CYBERSECURITY

By Suvarunika Thirumaran


What are black hat and white hat hackers?

Black hat hackers are those who break into a network with malicious intent. (Fun, but you will most likely end up in jail sooner or later!)

White hat hackers are ethical hackers, hired by companies to perform penetration tests in a controlled environment to make sure all the security is up to par. (Essentially getting paid to break into systems: fun!)

Tips

Keep a tight hold on what you post on social media; just from one post, a black hat can find out so much about you and easily fool you!

  • Don’t shout about holidays on Twitter; think about how letting people know you are away can lead to a physical break-in!

  • Don’t feel the need to overshare!

  • Make sure your password is strong. (Upper and lower case letters, numbers, special characters – include them all!)

With the world changing so dynamically, the cyber world is also hurtling towards greater and more advanced technology. Along with all the achievements come the risks, threats and espionage attempts!

What risks are present in the cyber world for companies?

1. Ransomware: A favourite of black hat hackers, this is fast-moving malware that encrypts and locks up your files. To retrieve them, you will have to pay a hefty amount – probably in cryptocurrency!

2. Social Engineering: Manipulating individuals into spilling their personal and confidential information. This can be as simple as standing near the smoking area of an office, striking up a conversation with one of the employees and walking in with them!

3. Phishing and spear phishing: Malicious emails or sites that pretend to be from a reputable company and manipulate people into revealing or handing over personal information. Phishing can be used as a form of external reconnaissance when trying to get access to a company, by sending emails to employees while pretending to be an admin or a helpdesk. All it takes is one person to fall for the email and suddenly the attackers have infiltrated the company, moved laterally through the network and made it easier to set up malware or send out ransomware in the future! Spear phishing is targeted phishing, such as a targeted attack on the CEO.

4. DDoS (Distributed Denial of Service): A malicious attempt to flood the network with internet traffic, essentially causing the whole system to crash and therefore denying others access to it.