TL;DR: With an unemployment rate of 0%, ethical hacking is a growing industry desperate to pull more hackers from the dark side.

In an age that simplifies and destigmatizes immoral activity such as piracy and plagiarism, software hacking is simultaneously accelerating and advancing at a rapid pace. The realm of hacking is expanding by the thousands, but not all are positively adding to the betterment of society. There exists a stark dichotomy between illegal hacking and ethical hacking, or black hat and white hat hacking. Since 2010, black hat hackers exploiting zero-day vulnerabilities have targeted “Syrian citizens, human rights activists, and the defense and aerospace industry.” Contrastingly, white hat hacking, or ethical hacking, can amount to unlimited and unimaginable moral opportunities from protecting the United States to building an independently-made self-driving car. Nonetheless, with such power comes the burdening responsibility to uphold ethicality. The Washington Post reports that “in a world in which businesses, the military and governments rely on computer systems that are potentially vulnerable, having the ability to break into those systems provides a strategic advantage.” To combat the detritments of not only criminal but governmental misuse of software, multiplatform companies like Google are hiring researchers to find zero-day vulnerabilities before others. Since its creation in 2014, Google’s elite team, coined Project Zero, aims to “focus on the supply of these high value vulnerabilities and eliminate them” and has detected imminently dangerous flaws such as Cloudbleed and Window’s 8.1 software. Project Zero’s founder Chris Evens believes that “people deserve to use the internet without fear that vulnerabilities out there can ruin their privacy with a single website visit.” With the threat of black hat hackers increasing in number, movements such as Anonymous are not enough to avoid potential corruption. As recognized by the CISCO 2014 Annual Security Support, “The sophistication of the technology and tactics used by online criminals—and their nonstop attempts to breach network security and steal data—have outstripped the ability of IT and security professionals to address threats. Most organizations do not have the people or the systems to monitor their networks consistently and to determine how they are being infiltrated.” Even by 2014, CISCO reports that “the industry will still be short more than a million security professionals across the globe.” In a war that appears neverending, there are various measures that should be taken to remain advantageous against the enemy.

The most promising solution to mitigate the shortage of ethical hacking is to increase the availability of hacking courses. Universities such as Carnegie Mellon and University of Tulsa offer courses teaching the methodologies of software hacking and the faults that exist among revolutionary technology. In reciprocation to such prevalent education, the dichotomous nature dividing hacking and ethical hacking becomes essential. Teaching students how to infiltrate health care databases could quickly produce the crime that ethical hackers are working to defeat. Thus, professors like Sujeet Shenoi at Tulsa stress the importance of ethical and moral behavior and even vow not to “accept students who don’t promise to work, if hired, for the National Security Agency, the Energy Department or another U.S. government agency.” Despite the setback that could potentially add to the hacking dilemma, courses in cyberoffense opens the door for thousands of well paying, needed jobs.

However, a secondary conflict arises as various universities struggle to hire enough qualified staff in not only computer programming but professors that specialize in hacking.

Although existing as a prominent hindrance to increasing education on internet security, there is a solution. Upon further research, I discovered countless websites offering either free or low-priced packages to teach one of any background to ethically hack. Some packages, such as BGR Acamedy, even offer certificates for completeing the course. Of course, however, the credibility of such courses offered outside of official institutions is questionable, and it is unclear if ethicality is stressed; but, just as a person can learn computer coding in the comfort of his/her own home, learning how to ethically hack falls under the same feasibility. George Hotz, a millionaire that gained public attention by being the first to hack Apple software and eventually joining Product Zero, admits that “he learned most of what he knows on the Internet ‘and from playing with things.’” Through self-taught information, Hotz surpassed brilliance to achieve minor, but still impressive, successes such as breaking into Playstation 3 to give the public restricted software, or grand successes ranging from thought-controlled robots to deep-learning AI.

By learning how to ethically hack, citizens can join the battle against NSA corruption or defend the general public from zero-day vulnerabilities. There is an infinite collection of events highlighting the dangers of software insecurities that requires a greater population preventing the exploitation of its users. As it is “almost impossible to design an impenetrable system because all technology has built-in security flaws,” there is a constant demand for intelligent minds able to detect zero-day vulnerabilities and combat black hat hackers. To counteract such a drastic rise in destructive hacking, Keeper Security CEO Darren Guccione suggests that three critical steps must be taken: ‘Fast-track’ the hiring process for cybersecurity professionals in the public sector, emphasize cybersecurity at all education levels, and initiate a comprehensive, robust public-awareness campaign across all media channels. Considering such suggestions, I believe education is most detrimental to expand the amount of ethical hackers and convert black hats from the dark side. While Wikileaks independently works to expose wrongfully restricted information involving war and corruption, educational systems should adapt to the continual advancement of technology and stress the importance of internet security; similar to digital plagiarism and piracy, mitigating unethical hacking requires full focus on current developments. In his analysis of today’s hacking dilemma, Guccione cries that the United States must “recognize that nothing less than our national security is at stake,” and internet security should be treated as if the country is at war. Criminal hacking is unlike other wars, however, as the solution is the very factor that is fueling the opposing side. Whether fought independently or under governmental commands, ethical hackers must remain ahead of those exploiting vulnerabilities and causing corruption by strengthening in number and intelligence. When hackers are deciding which color to wear each day, the choice should always be the white hat.

Anonymous flickr photo by anonatlas shared under a Creative Commons (BY-ND) license