Hacking, hackathons, hacktivism…do these words conjure up images in your mind of someone creating havoc by breaking into and manipulating complex programming codes? While this does constitute hacking, the word “hack” and the act of hacking have taken on new meanings in the past few years, and both continue to evolve.
Having worked with confidential data in several companies’ finance departments, including The Pita Group’s, Financial Clerk Melissa Ham can relate to the concern for adequate protection against data security breaches. But she can also see the need for newer forms of hacking, many of which are positively helping companies and brands. Ham explains.
Hacktivism (a portmanteau of hack and activism) is technically defined as the use of computers and computer networks as a means of protest to promote political ends. By this definition, hacktivism is not relegated to questionable acts of security breaches alone. Some hacktivists are making a positive impact on businesses, their communities and communities abroad.
The expression “computer hacking” carries images of unscrupulous techies who use their skills to copy sensitive information, steal customers’ identities and disable vital computer networks. However, some companies have employed so-called “ethical hackers” to explore their own computer systems and find potential weaknesses. These “white hat” hackers can demonstrate how their “black hat” counterparts can damage vulnerable systems, while offering advice on how to protect their clients from such dangers.
Testing Security Measures
The primary advantage of having ethical hackers on a company’s payroll is that the hackers are allowed to test a company’s security measures in a controlled, safe environment. These hackers can help companies determine which of their computer security measures are effective, which measures need updating, and which ones pose little to no deterrent to dangerous intruders. The data from these tests allows management to make informed decisions on where and how to improve their information security.
Finding Vulnerable Areas
When the white-hat hackers finish exploring the company’s system, they turn in a report on the system’s vulnerable areas. These areas can be related to the technology, such as a lack of sufficient password encryption, or in human-based systems, such as administrators who give out passwords to unauthorized personnel. The exposure of these vulnerabilities allows management to install more secure procedures to prevent attackers from exploiting either the computer networks or the mistakes of their own personnel.
Understanding Hacker Techniques
White hat hackers can also demonstrate the techniques used by unethical invaders. These demonstrations serve to show management how thieves, terrorists and vandals can attack their systems and destroy their businesses. When management has a firm grasp on the concepts that black hat hackers use, they can also learn how to prevent those invaders from using those techniques to penetrate their vulnerable systems.
Preparing for a Hacker Attack
Businesses that handle sensitive data must understand that they serve as potential targets of a hacker attack. Smaller companies that lack the resources for adequate network security present black-hat hackers with tempting targets of opportunity. These attacks can cripple or destroy small businesses as much as a fire or a natural disaster. The use of white-hat hackers can show these companies how vulnerable they are to an attack and how devastating the consequences of such an attack can be.
Take Random Hack of Kindness. This joint initiative between Microsoft, Google, Yahoo!, NASA and the World Bank focuses on problem solving, specifically to bring together subject matter experts around disaster management and crisis response. Through events featuring “apps competitions,” “hackathons” and “technology for social good,” the group has proposed solutions for a variety of issues such as tracking broken wheelchair lifts in public transportation; tracking cell phone and Wi-Fi signal strengths in areas with damaged infrastructure during disaster scenarios; and mapping incidents of sexual harassment in Egypt to identify “safe zones” where there are fewest reports.
A less clear-cut situation happened when Westboro Baptist Church announced its intentions to picket funerals of Sandy Hook victims. The hacktivist vigilante group Anonymos launched a series of attacks on the church, accessing and releasing private informations of Westboro Baptist members online and shutting down several of their websites. One hacktivist even hacked a spokesperson’s Twitter account. Polling showed that a clear majority supported Anonymous’s actions in silencing the “hate group.”
Hacktivisim is also being used to reveal data security problems for businesses. Hackers like Geogry Evans work with businesses to strengthen their security by helping to root out their weaknesses. The “reformed” hacker, who once spent 16 months in jail for criminal hacking, has since founded multiple security consulting companies, including Hacker For Hire USA and Hi-Tech Crime Solutions.
Brands are tapping into the positive power of hacking, embracing the idea that light bulb moments happen when we deconstruct products, systems – anything – to see how they work and use that knowledge to create new things or ideas. To do this, brands recognize that their customers must become immersed and encouraged to change the brand’s “codes”.
Recognizing that hacking brings about fresh perspective, Anheuser-Busch InBev teamed up with Advertising Age in 2012 to host Brand Hackl, a contest that paired tech start-ups with top brands. The idea was to “bridge the gap between emerging-technology companies and major brands and to start an early-stage dialogue between the two communities.”
For IKEA, one customer’s non-traditional, non-digital hacking has led to the brand’s gain in the form of a dedicated online community. Known as “Jules,” she created IKEAHackers.net a few years ago to share her and others’ modified uses of IKEA products (e.g. a dish drain repurposed as a tie rack and a dresser-turned-bathroom-vanity). The blog has evolved into an unofficial social network, where IKEA fans share their “hacks.”
From political movements to security measures to brand inspiration, hacking has evolved to play a very different role in each, and will no doubt continue to do so. The latest development? A petition issued to the White House asking that distributed denial of service (DDoS) attacks – attacks initiated with the intent of knocking a website offline – not be recognized as a punishable offense, but rather, as a form of protest.