White Hat, Black Hat

The word hack (the root of the word hacker) was already a few hundred years old before it became associated with attacks on computer systems. Back in the thirteenth century, in German (hacke) and Nordic languages such as Danish (hakke), the precursors of the English word were associated with cutting something up in a rough way, with many strikes from a sharp object. In the eighteenth century the term started to be used in reference to someone who was employed to carry out routine tasks, and at the beginning of the twentieth century it started to be used as a synonym of attempt.

Meanwhile, the word hacker became associated with innocent experiments that curious engineers carried out on different types of equipment. At a meeting of a student organization at MIT in April 1955, the minutes of the Tech Model Railroad Club note that a certain Mr. Eccles requested that everyone who was working, or hacking on an electrical system, “turn the power off to avoid fuse blowing.” Over time, the word took on an unjustified reputation for being associated with negative or destructive intentions. The correct term was listed in 1975 in the Jargon File (a compilation of the terms used by the pioneers of modern information technology at ARPANET, Stanford, Carnegie Mellon, MIT, and other places) — not hacker but cracker.

Regardless of terminology, the global interconnectivity among devices has exponentially increased targets available for potential attacks. The overall budget allocated to cybersecurity by governments and companies continues to increase to avoid the material and financial losses caused by a successful hack.

The size and importance of the information-security market — including applications, cloud, data, infrastructure, network, and services, among others — will probably continue to grow for the foreseeable future. According to data from multiple sources compiled by AustCyber (an independent, not-for-profit funded by the Australian government), global cybersecurity spending will reach about $190 billion in 2025, up from about $85 billion in 2015 and $130 billion in 2020.

With the advent of the IoT, any object that is connected to a network becomes a target. Cars; planes; industrial systems; logistics and control equipment; public utilities such as gas, water, and power; hospitals; and even household appliances can all be vulnerable.

Cybersecurity experts are highly valued professionals, and the most prominent consultants can charge thousands of dollars per day. Those who work to detect security flaws and vulnerabilities are known as white hats, and their mission is to simulate hacks using multiple techniques so that their employers can improve their defense systems. They have a large arsenal of tools at their disposal, employing methods such as backdoor, DoS (denial of service), spoofing (masking one’s own identity), and phishing (seeking to obtain information directly from authorized users).

Next time, we will talk about how our connected society needs to prepare for a future riddled with new threats and risks. See you then.