Confessions of a hacker
Consultant says penetrative testing services takes much more time than portrayed in the movies
With malicious cyber activity on the rise, ethical hackers are becoming a go-to for clients looking to test the security of their computer systems.
Also called white hat hackers, these penetration testing companies hack into client systems to identify vulnerabilities.
Though movies make hacking look easy, Mr Daniel Hamid, 27, begs to differ.
The senior consultant at Centurion Information Security, Singapore's first internationally accredited firm for the delivery of penetration testing services, said that it typically takes days.
And if it involves delving into new forms of technology, then it could even take weeks.
He said: "You are going to need a lot more than just five minutes to break into anyone's computer systems. It is a long process.
"There is a lot of trial and error involved when we hack. Besides having to fully understand our clients' systems, we also need to bypass firewalls and antivirus applications, which can be tricky."
Mr Daniel also shared that new forms of technology are the most challenging , especially if there has not been much prior documentation about them.
He stressed that there is a lot more to being a consultant than purely hacking.
As a consultant, he has to understand clients' needs and the data they wish to protect.
In doing so, he is then able to come up with solutions that will address their key concerns.
He stressed that penetration testing is not a last-minute remedy to everything cyber security-related.
"Many firms consider penetration testing only after deploying their systems, because they think it can solve everything.
"But when you find all kinds of flaws, even in the foundation of their code, then they end up having to start everything from scratch again."
This could be a costly process, since the programmers may have to re-code everything, sometimes leading to a delay in the launch of a system.
To address that, Mr Daniel recommended that security be considered throughout the course of creating a system.
He said: "When you consider security every step of the way, you can identify the flaws earlier and address them beforehand."
While most people might get bored by a job that involves staring at long strings of code on a computer screen, Mr Daniel finds it a joy.
"I have always been fascinated by computers, ever since my dad introduced them to me when I was young," he said.
He went on to do a diploma in infocomm security management in Singapore Polytechnic in 2008.
After completing his national service, he then went to Australia, where he got his bachelor's degree in information technology.
He said: "Actually being able to hack into something, despite all the protective measures in place, makes me satisfied. It is like I am proving a point.
"And at the same time, when clients return, it feels great because they are acknowledging that we have done a good job. "
Secrets of the trade
Practice makes perfect. If you plan on honing your hacking skills, virtual machines are a good way to start. These virtual machines are a type of software that emulate computer systems and allow you to practise hacking legally.
- Do not give up. Hacking is not an easy process, do not let minor setbacks deter you. Hackers are driven by a desire to break into things, and the good ones will not rest until they have done so.
- Hacking does not have to be a solitary experience. You can join meet-up events such as Division Zero, where you will be able to network with others and discuss advancements in the infosecurity field.