To discuss this subject let us first define the term "Hacker".
Before the 90's a hacker was someone who was not good at something but tried it anyway and looked inexperienced as a result.
In the 90's a hacker was someone who found solutions to problems that were technical in nature(usually with a computer). As time went on and these "expert computer problem solvers" were actually attacking computers to do nefarious activities (steal information, change data without permission, etc.) so the term "computer hacker" evolved into bad or evil computer hacker.
Webster-Merriam Full definition¹ (today):
Interesting to note there are 3 types of hackers: White, Gray, and Black hat.
The White hat hacker is the good guy, the black hat is the bad evil guy, and the grey hat does both good and bad. This white and black hat good vs. evil came from the early black and white film days where there wasn't time to explain everything(early movies did not have sound) and it was easy to know that the white hat actor is the good guy.
To make it certain for the non-technical person as to who is good/bad a certification of Certified Ethical Hacker was created by the ECCouncil²
A Certified Ethical Hacker has to take a test after studying material of a technical nature. Not just technical though, the EC council requires a number of ethics questions to be understood, as well as understanding what is lawful for computer testing.
Fixvirus.com is a company that prides itself in being ethical and honest to a fault.
The test was relatively simple for me since I have an extensive computing career, here in Saint Louis, MO and had quite a head start.
In my opinion an ethical hacker in this day and age is someone who can pick up new techniques quickly and think like an attacker while using tools to try and evade defensive methods.
The Ethical Hacker tests your network computers to see if they can be hacked - and if they can will recommend to you how to fix the problem. An ethical hacker is a tester and thus does not actually fix the problem.
To become PCI, HIPAA, ISO 27001 compliant.
at 314-504-3974 in the Saint Louis Area
or with one of our partners if necessary to help you test your computers and networks.
We always ask permission before attempting to attack as some attacks potentially damage your services. And of course it is unethical and against the law to attack without permission.