Ethical hacking

Ethical hacking is a phrase we hear commonly nowadays. An ethical hacker – also known as a “white hat” –finds vulnerabilities and bugs in applications that an otherwise malicious hacker can potentially exploit. He is the go-to security expert in making sure all security measures are in place and that any possible attack can be detected and prevented, whichever comes first.

People who are into ethical hacking also participate in hackathons – events that gather similar and like-minded people to collectively exploit an app, improve the software and protect users. Hackathons are put up by technology companies, among others, and events like this tend to have pot money for the best security professional.

Moreover, ethical hackers also educate the youth and teach them the tricks of the trade, especially those who
want to join the industry. More and more academic and even online courses are being promoted to encourage students and even non-IT people to understand and learn skills and where can these be applied.

Naturally there is also the opposite or non-ethical hacker, the “black hats”. Because technology is available for everyone, there are people who use this to do harm instead of good. The process can be sophisticated depending on the objective and we see in the papers how some companies have been made victims, much to the inconvenience of customers and users.

In the TV series Mr. Robot, the main character Elliot Alderson is a combination of both an ethical and a non-ethical hacker. Ethical because he wants to “undo” the hack he made out of the giant conglomerate to get rid of the citizenry’s credit card debt but also non-ethical because he hacked the same giant conglomerate to erase everyone’s credit card debt in the first place. It sounds dizzying, but some other non-ethical activities he gets into include getting the personal details of somebody he may not necessarily like (a man having an affair with his shrink, for example) and divulge this. In real life, does this mean that a security professional can both be an ethical and a non-ethical hacker and that he can be commissioned to do whatever objective that a paying company may want him to do? The mind can be sometimes creative.

Having these different kinds of security resources in the market only shows that there are opportunities out there. It would be good to have more policies in relation to these developments in place and assess how far can regulation go in order to protect the citizenry and improve public services. I have written about how we should protect our personal information, the tools that we can utilize and how behavior and culture can also play a vital role.

Global Chamber is mounting a Cybersecurity event called PilipinasCon 2018 on January 31, 2018 at Enderun Colleges. Tickets are available at

Kay Calpo Lugtu is an executive of a multinational business process outsourcing company. She is likewise the deputy director of Global Chamber Manila. Her advocacies include data privacy, financial literacy and nation-building. She can be reached at or, for the more cautious, at