INTRODUCTION
In this era of computer, our lives always swing between cyber security and cyber threats. One should always be careful of themselves or they may be the victims of the hacking and here comes the topic of hacking. Hacking means the unauthorized person enters into a computer or into links by using some his knowledge and techniques. Where person who indulges in such action leads to loss to others and the person who indulges in such action is called hacker. As thorn should be taken by thorn and diamond cuts diamond, ethical hacking is the preventive action for hacking and person who performs it is called ethical hacker and it is called ethical hacking. Both the above hacking may resemble same but the difference lies in the intention behind such hacking.
WHAT IS ETHICAL HACKING?
Ethical Hacking is an authorized practice of interference into a system security to identify potential data breaches and threats in a network. The company that owns the system or network allows Cyber Security engineers to perform such activities in order to test the system’s defenses. Thus, unlike malicious hacking, this process is planned, approved, and more importantly, legal.
WHAT IS THE MAIN AIM OF ETHICAL HACKING AND ETHICAL HACKERS?
Ethical hackers aim to investigate the system or a network for weak points that malicious hackers can exploit or destroy. They collect and analyze the information to figure out ways to strengthen the security of the system/network/applications. By doing so, they can improve the security footprint so that it can better withstand attacks.
MAIN TYPES OF HACKERS
Hackers always 2 types may be good or bad depending upon the intentions or motive behind their work. Some of the hackers intrude into a system out of curiosity and some of the hackers have a legitimate motivation or are authorized by legitimate officials and some of the hackers are appointed for protection of safeguarding the vulnerable data. Hackers can be classified into the following categories which are listed below:
BLACK HAT HACKER
A black hat hacker is also known as a cracker, as these kinds of hackers possess a piece of good knowledge in computer networking and misuse that knowledge, Network protocols, and system administration, but these kind of hackers are a reason for cybercrime as they hack the systems for unethical reasons which are illegal.
WHITE HAT HACKER/ETHICAL HACKER
A white hat hacker is the opposite version of the Blackhat hacker, these hackers possess the same amount of knowledge as black hat hackers but they use the knowledge in an ethical way and they are network security professional so known as ethical hackers or white hat hackers.
GREY HAT HACKER
A grey hat hacker is somebody who is between the Black Hat and white hat hacker; the grey hat hacker exposes the vulnerabilities of the network system and then may in return offer services to fix the loopholes for money called grey hat hackers.
HOW IS ETHICAL HACKING DIFFERENT FROM BLACK HACKING?
Ethical hackers are involved in an organization to Indulge into networks and systems with the purpose of discovering the vulnerabilities and fixing them but they break into the systems legally and ethically. The legality of hacking depends upon the ethics and This is how it creates the differentiation between the two.
HOW DOES ETHICAL HACKING WORK?
As ethical hacking is likely to be done with the permission of the victim or the targeted system, the only way to tackle black hat hacking is tackling it through ethical hacking, the techniques used in penetration are created in a way to equal the real attacks without causing any damage and safeguard the organization or an individual against the cyber attacks. After it is discovered how the attackers work the Network administrators, engineers and security professional emulate the environment of security level to conduct a penetration test.
WHEN DOES ETHICAL HACKING BECAME LEGAL?
With the increased use of internet now a days the word hacking has lost its worth and is seen more of illegal activity or as a cybercrime, unethical hackers or commonly known as black hat hackers are responsible for the darker side of hacking as they are the one who breaches the cyber security with their skills and techniques. To tackle with cyber criminals like black hat hackers there is a need of law as well
LAWS TO REMEMBER AS A ETHICAL HACKER
With the growth in usage of internet in India, cyber attacks have impacted the security of the computer networks as well; India adopted the model law on electronic commerce which was adopted by the United Nations Commission on International Trade Law consequently Information Technology Act of 2000 came into force, the purpose of the act was an Act to provide legal recognition for transactions by means of the electronic data interchange and, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information.
SECTION 84: There is a thin line between a black hat hacker and a white hat hacker which is laid stating that the protection granted to the government, the controller or any person acting on behalf of them to act in good faith. If an ethical hacker is appointed by a government or a controller and the person has to act in pursuance of this act or any rule and regulation or order.
SECTION 43: The Act states that if any person without any permission of the owner or any other person who is an in charge of a computer, computer system or computer network, if modifies, the damages, disrupts computer network, downloads, copies or extract any data or information from such computer network or accesses to such computer system he may be penalised for damages. The term that is used in this provision is without permission of the owner that gives an impression if a person is working under the authority or in a good faith he may not be liable for the damages.
SECTION 43-A: The Act states that if any person fails to protect the data he is liable for compensation, so if an ethical hacker is a body corporate and he fails to protect the data handling he will be liable under section 43-A of IT Act.
SECTION 66: The IT Act deals with the computer-related offences which state that any person who dishonestly and fraudulently does any act mentioned in section 43 of the Act he shall be penalised with 3 year years.
The government agencies like CBI, Army and law enforcement bodies, Intelligence Bureau, Ministry of Communication and Information Technology under the Information Technology Act can form government agency under section 70-A and Section 70-B for the Critical Information Infrastructure Protection can recruit the cyber security experts to protect itself from cyber terrorism as laid down in section 66-F of the Information Technology Act where it has been mentioned without authorization or exceeds authorized access. The IT law of India does also penalize a hacker who does not have proper authorization to get access to the computer hacker but it does not protect ethical hackers unless he is employed by the government under section 84. Ethical hackers cannot be ignored, as their presence is much required to protect the computer networks against cyber terrorism and cyber attacks which is most important.
CONCLUSION
The act of ethical hacking is not defined in Indian law. Its legality can only be ascertained after having a conceptual understanding of the laws that governs the hacking. Ethical hacking lacks mens rea which is the main reason for making any act, an illegal act. This is one of the reasons why the ethical hacking is not illegal in India. After testing ethical hacking with parameters of both the civil law and the criminal law, it can be concluded that ethical is legal hacking in India.
👍👍
ReplyDeleteEveryone shld be aware of all these things happening in our day to day life... Come on Maggi.. continue further society needs a lot like this..
ReplyDelete