Google is one of the largest and most well-known technology companies in the world. They have billions of users and 150,000 employees. Of all the companies in the world that need to fend off constant threats from cyberattackers, Google is at the front of the pack.
This means the company has to get creative in how it approaches cybersecurity. Part of their solution is the "red team," which is a team of cybersecurity experts who are constantly trying to break into Google, discover its vulnerabilities, and find as many exploits as possible. The catch? This team works for Google, and their job is to find security issues before a cybercriminal does.
Google's red team is the deliberate adversary of its "blue team," the latter being Google's own defenders against cybercrime. They're there to simulate how a cybercriminal would think if a cyberattack were to happen at Google and make sure the blue team can stop it.
Google isn't the only tech company with a red team. Facebook has its own with the same goal. The term "red team" has grown in popularity in the tech world, and more tech firms are implementing their own red teams to combat the ever-increasing threat of cybercrime.
However, there is another term for hackers who work to find security holes in company networks for good: white hat hackers. These individuals use their skills to strengthen an organization's cybersecurity by emulating a hacker who wants to do genuine harm.
White hat hackers: The original red team
The concept of an organization utilizing skilled hackers to find issues with their cybersecurity traces back to the U.S. Air Force for its Multics operating system back in 1974. This was when the military used ethical hackers to discover that its networking infrastructure could be broken into with relative ease. The term for an ethical hacker who attempts to breach the cybersecurity of companies, militaries, and other IT-related organizations is the "white hat" hacker, whose aim isn't to cause harm, but to help strengthen security. Contrast this to the "black hat" hacker, who is genuinely out to wreak havoc.
The terms "white hat" and "black hat" derive from a trope in old Western movies in which the good guys tended to wear white hats, and the bad guys donned black hats. There are other types of hackers as well, including "grey hat" hackers who toe the line between white hat and black hat hackers. One way to look at this type is as the vigilantes of the hacker world. A grey hat hacker might break into a security system and not cause any serious damage, but would also be doing so without permission or any warning to the entity they target. The most well-known grey hat hacker group might be Anonymous, which has committed a number of cybercrime offenses, though not always with malicious intent.
Unlike black hat or grey hat hackers, being a white hat hacker is a serious and perfectly legitimate profession, though it's typically under a different title, such as "penetration tester" or "chief information security officer." You can even go to school to become a white hat hacker. According to Coursera, degrees in computer science, computer engineering, information technology or cybersecurity are the first step. You'll also need to learn scripting and programming languages such as ASP, C++, and HTML. A master's degree in cybersecurity certainly wouldn't hurt — and a career in the military as a cybersecurity or intelligence expert is another method to earning these titles. You can expect to make over $100,000 on average as a white hat hacker, with your pay increasing the more experience and knowledge you attain.
White hat hackers do more than just break into computer networks from a terminal. They also teach employees to stay on their toes. With the dangerous rise in phishing attacks, these individuals will craft their own phishing emails and send them out to unsuspecting employees, installing malware on the computers of those who don't recognize the ruse. If successful, this sends a warning both to the employee and the cybersecurity team. The employee is taught valuable skills on how to recognize a phishing email, and the cybersecurity team learns to focus on the hole in their network.
Strengthening cybersecurity by putting it to the test
White hat hackers are the foil to black hat hackers. These ethical individuals are invaluable in finding security exploits in company networks before malicious cybercriminals do. The career of a white hat hacker is fairly lucrative but requires much education and skill. Similar to the Jedi in Star Wars, hackers can use their skills for the dark side of cybercrime as black hat hackers, or they can work for the side of good, foiling the plans of the black hats to keep companies and their employees safe.