How Bradford students are learning to out-hack the hackers
Students are being handed the tools to beat the hackers at their own game as part of a computer course at the University of Bradford.
Ethical hacking, which is a module in the university’s MSc Cyber Security course, is when ethical hackers carry out risk assessments and test computer systems for security-related issues on behalf of companies or organisations. Their work is to outsmart the malicious hackers.
Ethical hackers must follow a strict code of ethics when they carry out their work. This includes being prohibited from sharing how they breached a computer system’s security measures with anyone outside of whom they are working for or are authorised to carry out tests.
After they have finished their work, they must delete all traces of their hacking work to make sure malicious hackers cannot see how they achieved it.
During the University of Bradford’s module, students are taught how to gather information, scan, test, and hack so they will be able to secure systems effectively.
The module offers a background in ethical hacking, scanning networks, system hacking, malware analysis, social engineering, session hijacking, and cryptography.
The statistics on the cost and impact of cybercrime in the UK show the need for ethical hacking and courses that teach it.
A total of 39 per cent of UK businesses reported suffering a cyber-attack in 2022. Meanwhile, cybercrime costs UK firms an average of £4,200 in 2022.
But to protect the work of the students on the course at Bradford, we will not be giving away how they keep one step ahead of the malicious hackers.
So many scams out there
Dr Amna Qureshi, pictured above, Assistant Professor in Cybersecurity at the University of Bradford's School of Computer Science, AI and Electronics of the University of Bradford, who teaches the ethical hacking module, says companies often get caught out by hackers through misconfigured security settings, weak passwords, unpatched software, and unsecured network connections.
She said: “Ethical hacking is becoming a growth industry. After Covid-19, everything is online, and there are so many cyber attacks. There are so many scams out there. Organisations' employees need to be made aware of their cyber security policies.
“Ethical hacking is the practice of intentionally probing computer systems and networks to identify security weaknesses, vulnerabilities, and potential threats. It is similar to hacking; it’s just that ethical hackers have permissions - that’s the difference. The black hat hackers (or malicious attackers) find these vulnerabilities and exploit these vulnerabilities for personal gain.
It’s non-stop. New techniques are being developed by hackers every day
“There is nothing that is perfectly secure. There could be some insecure links. Hackers exploit weak links. The first step for ethical hackers is the collection of information about companies in order to identify potential vulnerabilities and develop an attacking strategy.
“Ethical hacking is very important. This is the first point organisations can protect their infrastructure from hackers. Ethical hackers can help organisations identify and fix security vulnerabilities in their systems and networks. The demand for ethical hackers is expected to grow in the coming years. As organisations become more aware of the risks of cyberattacks, they are increasingly investing in ethical hacking services."
“The students enjoy this module a lot as it involves penetration testing. In the simulated environments, they get to work on vulnerable applications and exploit the identified vulnerabilities. A lot of students are into cyber security.”