To the layperson, the world of cyber security can seem mysterious. We know that there are cyber criminals out there, looking to get their hands on our data. And we know that there are people and organisations actively working to stop these hackers in their tracks. But what does a role in cyber security actually involve?
As part of the answer, we now turn the spotlight on to one of the most enigmatic of security roles — the ethical hacker.
As the CTO of Security Consulting for our Americas region, Konstantinos Karagiannis has a very peculiar role — to break into banks. But, far from moonlighting as a career criminal, Konstantinos is actually one of the good guys. He’s an ethical hacker — a security expert who uses his skills to find holes in customers’ defences by thinking and acting like a cyber criminal.
Mostly, this means using computers to hack into networks. But it can go as far as utilising social engineering techniques. This involves testing whether or not a client is secured against the physical tricks a black-hat hacker might use, such as leaving malware on a USB in a company bathroom, in the hopes that an employee will be curious enough to plug it into a network-connected PC.
Konstantinos’ specialism is finance. He works with organisations such as banks — who often aren’t even aware of where their problems might lie — to probe systems for any hint of a cyber weakness. And, although he’s legally not allowed to divulge exactly what he’s done for our customers, he is sure that his work has saved certain customers millions, by spotting holes in their defences.
Although ethical hacking is a remote job (Konstantinos generally works as most hackers do: at home), there is a team who work together to create a more effective service for our customers.
All of Konstantinos’ ethical hacking colleagues have at least ten years’ experience and work around the globe in different sectors. The team can respond to a situation in any corner of the world, and has a wealth of expertise, which they can pool to improve their knowledge and skills. After all, an ethical hacker who discovers a potential weakness in a university network could easily help a colleague working in retail to identify a similar problem.
Like any security role, ethical hacking has its own set of unique challenges. For example, Konstantinos has to deal with a constant stream of new technologies and applications that could bring potential weaknesses to a customer’s system. Adopting a new technology because it’s the latest trend is always dangerous, and Konstantinos warns of the risk involved when companies create custom solutions, which can open previously secure systems to attack.
Thankfully, Konstantinos is an expert in his field and, drawing on intelligence from sources such as BT’s own Security Operations Centres (SOCs), he’s able to overcome these challenges, and keep our customers secure.
Ethical hackers have a fascinating role. They might have all the skills and tricks of the ‘bad guys’ — but they’re a powerful force for good in the fight against cyber crime.
You can find out more about Konstantinos, his role, and BT’s other cyber credentials, by watching this interview with the man himself.