Lead Image © Setsiri Silapasuwanchai, 123RF.com


If You Don't Like Security Guys, Call a Hacker

Welcome

Article from ADMIN 35/2016

Many years ago on a school field trip to the local police station, I noticed a bumper sticker on a cop's cruiser that read: "If you don't like Cops, next time you're in trouble call a Hippie." Of course, I understood the purpose and the message behind the sticker, but what I didn't understand was the generic hostility toward an entire group of people who could, at some point, prove useful to law enforcement and its effort to thwart crime. And although the ubiquitous peace and love hippie credo was all encompassing, there were a few bad eggs with whom law enforcement personnel weren't happily acquainted. I assume those "black hat" or perhaps "black headband" hippies comprised a minority of the worldwide hippie community, or commune, if you like. Similarly, all hackers aren't lawbreakers. Most, in fact, are law-abiding citizens who either are curious or who get a thrill from walking that fine line between ethical and illegal. In either case, my assumption is that even the line walkers will help catch their black-hatted counterparts – given the proper motivation, of course.

A day rarely passes without reading about a new hack, a new breach, or a new dump of private information. Hackers, it seems, are always one step ahead of our best security efforts. Shouldn't we embrace those who live in the deep web and harvest their knowledge for good? While I'm only comparing hippies to hackers to illustrate a point, the analogy of partnering with insiders who can help bring the really bad guys to justice is a valid one in either case.

Now, I'm not talking about Edward Snowden here. I'm talking about real hackers – people who have true knowledge of how to compromise systems, to expose data, and to maintain a stealth presence inside your network. I know that a few companies have hired hackers that have infiltrated their perimeters in the past, but that's still the exception more than the rule. My personal opinion is that I'd rather hire someone who's truly passionate about hacking and about security rather than someone who's just into it because it's the new Cisco, the new Windows, or even the new Linux. I want to hire the person who is a 24-karat hacker.

I don't care if the person uses Leet-speak, solves Sudoku, or plays D&D; I want this hacker to represent security on my network. I want him or her to be one-fourth Dr. Evil, one-fourth Kevin Mitnick, one-fourth Doctor Who, and one-fourth Sherlock Holmes. I want the dirtiest of players on my side. After all, when you hire a bodyguard, you don't hire a 98-pound weakling; you hire the biggest, meanest bully who'd scare King Kong at midday on a busy Manhattan street. The old saying, "You have to fight fire with fire," rings true when you want to protect your assets from people who want to rob you of your money, your intellectual property, your reputation, and your security.

And I'm not implying that all hackers, or all hippies for that matter, are bad people, but you have to find the genuine article for quality help in either case. Wannabes and part-timers just won't (pardon the pun) hack it in the real world of real threats and real thefts. In the world of advanced persistent threats, you need advanced persistent protection, and that can only be had from someone who truly knows his or her enemies.

So, the next time you're in trouble, call a cop. The next time your network comes under attack, you'd better call someone who can help – a hacker – a real hacker – someone just this side of evil, just this side of the law, and just this side of your firewall.

Ken Hess * ADMIN Senior Editor
