Dr Sufatrio
Article contributed by:
Dr Sufatrio
NUS School of Computing

Why Cybersecurity is Important
In today’s digital age, cybersecurity is more important than ever before. With ubiquitous Internet access, mobile devices, and IoT devices, we have become increasingly reliant on computers and connected devices for both personal and business use. However, this reliance also makes us very vulnerable to cyber threats, such as hacking and malware. Even if you are not interested in hacking or hackers, hackers are interested in you and your organisation’s assets!

It is widely recognised now that it is not a matter of “if” but “when” organisations and businesses will come under cyber attacks. The attacks can result in significant financial and reputational damage, as well as compromise personal and confidential information. As such, it is essential that individuals and organisations take appropriate measures to ensure the safety and privacy of their data and systems. According to TREN, the global cybersecurity market was valued at US$220.51 billion in 2021 and is expected to reach US$501.6 billion by 2030.

But isn’t Hacking Difficult?
Nowadays, various hacking tools are easily accessible on the Internet. These tools can be used even by individuals with minimal technical knowledge to exploit vulnerabilities in computer systems, networks, and applications.

Yet, the good news is that the same hacking tools, together with various available defensive techniques and mechanisms, can also be utilised by cyber defenders to thwart cyber attacks. Cyber defenders − which include security analysts, penetration testers, and security-conscious system administrators among others − can employ the tools in their ethical hacking efforts to identify weaknesses in their systems before they can be exploited by cyber criminals. Hence, with sufficient cybersecurity knowledge and hands-on practice, powerful offensive tools such as Nessus and Metasploit can be put to good use to defend against cyber threats!

How can I Become an Ethical Hacker?
If you are interested in becoming an ethical hacker, you need to first grasp the foundations of cybersecurity. You need to understand key cybersecurity concepts and basic techniques, including cryptography, secure channel using TLS/SSL, network security protocols, access control in Operating Systems, and web security.

Subsequently, you need to understand how cyber attacks work in exploiting hosts, networks, and web servers. To this end, you need to learn about hacking techniques and also practice your hacking skills in a safe, controlled environment. First, you need to know how to utilise tools for footprinting and enumerating your target systems. Next, you need to know how to utilise tools for scanning for vulnerabilities in the target systems and then exploiting them. Then, you need to know how to utilise tools for performing post-exploitation steps on exploited systems. Lastly, as an ethical hacker who needs to protect your systems, you need to understand possible counter measures and best practices that can help harden your systems against cyber threats.

Your Cybersecurity Learning Journey
Yes, becoming an ethical hacker is an interesting learning journey. You can learn and utilise various hacking techniques, tools, and platforms, including Virtual Machines, Kali Linux, Google hacking, Nmap, Nessus, Metasploit, password cracker, Wireshark, and also Burp Suite.

Singapore, which is currently in its transformation towards a smart nation and digital economy, has recognised cybersecurity as a critical enabler of the country’s push towards digitalisation. Cyber defenders including ethical hackers are therefore needed for a safer and more secure cyberspace in Singapore. If you are interested in cybersecurity, I hope you can have a good learning experience and also benefit from this fast-growing sector.