Key Points Discussed:
- Defining Ethical Hacking: Ethical hackers use their skills to identify and report vulnerabilities, often to enhance cybersecurity in various capacities, including voluntary work, bug bounty programs, or professional roles.
- Research Focus: Dr. Weulen Kranenbarg’s studies highlight a significant overlap between positive and negative cyber behaviors, particularly among IT students, and explore how individuals transition toward ethical hacking.
- Ethical Hacking as a Pathway:
- Early positive experiences, such as reporting vulnerabilities to schools or organizations, can strongly influence individuals toward ethical hacking.
- Responses from organizations play a critical role—positive reinforcement encourages further ethical behavior, while negative experiences can deter individuals.
- Challenges in Defining Ethics:
- Ethical hackers themselves debate the boundaries of what constitutes ethical behavior, such as whether making vulnerabilities public is acceptable if organizations fail to act.
- The term "ethical hacker" is often contentious within the community.
- Role of Education: Schools struggle to address and guide ethical behavior among IT students effectively. Clear vulnerability disclosure policies and ethics education in IT programs are crucial.
- Future Research Directions: Dr. Weulen Kranenbarg plans to conduct life-history interviews with hackers to better understand their pathways and influences toward ethical behavior.
About our Guest:
Dr Marleen Weulen Kranenbarg
https://research.vu.nl/en/persons/marleen-weulen-kranenbarg
Papers or Resources Mentioned:
- Weulen Kranenbarg, M. (2018). Cyber-offenders versus traditional offenders: An empirical comparison. Vrije Universiteit Amsterdam. Retrieved from https://research.vu.nl/en/publications/cyber-offenders-versus-traditional-offenders-an-empirical-comparison
- Weulen Kranenbarg, M., Ruiter, S., & Nieuwbeerta, P. (2018). Cyber-offending and traditional offending over the life-course: An empirical comparison. Crime & Delinquency, 64(10), 1270–1292. https://doi.org/10.1177/0011128718763134
- Weulen Kranenbarg, M., Holt, T. J., & van Gelder, J.-L. (2021). Contrasting cyber-dependent and traditional offenders: A comparison on criminological explanations and potential prevention methods. In J. van Gelder, H. Elffers, D. Reynald, & D. Nagin (Eds.), Routledge International Handbook of Criminology and Criminal Justice Studies (pp. 234–249). Routledge. Retrieved from https://research.vu.nl/en/publications/contrasting-cyber-dependent-and-traditional-offenders-a-compariso
- Weulen Kranenbarg, M., & Noordegraaf, J. (2023). Why do young people start and continue with ethical hacking? A qualitative study on individual and social aspects in the lives of ethical hackers. Criminology & Public Policy, 22(3), 465–490. https://doi.org/10.1111/1745-9133.12640
Additional Resources:
Capture the Flag (CTF) events:
Hack the Box - A popular online platform offering a variety of CTF challenges to test and improve cybersecurity skills.
https://www.hackthebox.com
NorthSec - A popular in-person CTF competition designed for everyone excited about cybersecurity.
https://nsec.io
Bug Bounty Programs:
HackerOne - A leading bug bounty platform connecting ethical hackers with organizations to find and fix vulnerabilities.
https://www.hackerone.com
Bugcrowd - A platform that hosts bug bounty programs for a wide range of companies and industries.
https://www.bugcrowd.com