Why principals should consider using ‘white hat’ hackers

Why principals should consider using ‘white hat’ hackers
Last year, Australia’s primary cyber security agency began actively recruiting high school students as young as 14 to become “white hat” hackers.

A white hat hacker is a computer security specialist who breaks into protected systems and networks to test and asses their security.

These hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them.

The initiative, by the Australian Signals Directorate (ASD), was in response to online cyber-attacks similar to those that crippled the 2016 Australian Bureau of Statistics (ABS) Census.

The ASD, which operates out of the Department of Defence, is tasked with intercepting foreign communications – and is offering high school students a “licence to hack” to “catch Australia’s phishing foes”.

Indeed, thinking outside the box to protect their schools from these threats is something that should be on the mind of principals in 2018, says Alex Manea, BlackBerry’s chief security officer.

Manea told The Educator that one of the most important things that IT teams can do is look at how hackers are approaching their networks and attacking them.

“One of the challenges that people in this department face is getting stuck in the mindset of being so focused on protecting their own firewall and network that they don’t think about all the different ways that hackers are trying to attack us,” he said.

“To help mitigate this threat, principals can bring in white hat hackers to attack them in the way that real hackers would.”

Manea said this allows principals to simulate a live hack and lets them find out how resistant they really are to a real-world hack.

“Hackers don’t care about how strong your network or authentication is – they’re going to find the weakest link,” Manea said.

“Fortunately, that’s what white hat hackers do, so they can really help principals understand their schools’ potential vulnerabilities and be better prepared to face these threats.”

Related stories:
Is your school protected against cyberthreats?
Why the responsibility of schools’ cybersecurity rests with principals