Watch out! Hackers!

The very word ‘hacking’ is enough to make some people paranoid. Of course, it doesn’t help if they’re paranoid already.

Case in point: last week I was on a Certified Ethical Hacker (CEH) course in the UK. Right at the beginning, our instructor warned, “If anything goes wrong, even if the Coke machine breaks, we’ll get blamed”. And so it proved.

The training facility was alongside a hotel that is used by a number of training companies. In the bar, you’re likely to bump into all kinds of people. A couple of the lads on our course got talking to some people who refused to say what they did for a living or what kind of training they were doing. As it happens, we’d already discovered, by other means, that they were undercover police officers. I wasn’t there, but apparently, when they learned that we were hackers in training, their jaws hit the floor.

Sure enough, the next day the manager of our training company stormed into the classroom and read us the riot act. Someone, he alleged, had been hacking outside of our subnet. ‘Someone’ had complained they were being hacked. We all knew who that was.

It was nonsense, of course. Okay, we had a couple of minor glitches. One of the students thought it funny to email the trojan we’d just built to all his mates. (It would have been picked up by anti-virus software in a millisecond and, in any case, wouldn’t have worked outside our network.) And a fellow student and I caused the receptionist to have to reset the wi-fi access point. We’d been using the Zyxel device as a zombie in an NMAP Idle scan. But hey, that device was on our subnet and therefore classed as ‘fair game’.

It seems that no-one pays attention to that ‘ethical’ adjective. If they hear the word ‘hacker’ they feel under attack. Oh well…