Question: Hiring a Black Hat Hacker
You are a member of the Human Resources Department of a software manufacturer that has several products and annual revenue in excess of $500 million. You're on the phone with the manager of software development who has made a request to hire a notorious black hat hacker to probe your company's software products in an attempt to identify any vulnerabilities. The reasoning is that if anyone can find a vulnerability in your software, she can. This will give your firm a head start on developing patches to fix the problems before anyone can exploit them. You feel uneasy about hiring people with criminal records and connections to unsavory members of the hacker/cracker community and are unsure if you should approve the hire.
Review Questions
1. What is the difference between a black hat hacker and a white hat hacker?
2. What potential harm could this hacker do to your software products?
Critical Thinking Questions
1. Provide three good reasons to hire this individual. Provide three good reasons not to hire this individual.
2. How would you respond to this request? Why? Now that we have discussed various types of computer exploits, the people who perpetrate these exploits, and the laws under which they can be prosecuted, we will discuss how organizations can take steps to implement a trustworthy computing environment to defend against such attacks.