DNVGL.no

Ethical hacking

Ethical hacking is about thinking like an attacker to prevent a black hat hacker from being able to break into computer systems.

Cyber security end-to-end testing

You can read this article in Norwegian here.

Today, we have a greater need to protect us from enemy invaders than ever before. At the same time, computer systems have never been as secure as they are now. To prevent an attack, potential methods must also be tested to help us know if the system is secure. This is where ethical hackers come into play.

Attacks are getting more frequent and the damage is greater

At DNV GL, one of our tasks is to ensure our customers' computer systems. We see that the demand for cyber security has grown as the attacks are getting worse. Here it is important to be at the forefront, and our ethical hackers work purposefully to find any weaknesses in computer systems.

One industry that is important to secure is the shipping industry. If unauthorized users break into the IT systems, the danger is high for the attacker to access control systems and confidential information.

Today, cyber attacks have become a worrying issue that all industries want to resist. Attacks are getting more frequent and the damage is greater. In order to shut out potential malicious hackers, we have to test security systems that could be overcome by unwanted intruders. This is what our ethical hackers do.

How ethical hackers work in DNV GL

Our ethical hackers use a known three-step process, starting with active and passive reconnaissance methods on, for example, a ship or oil rig. Through this process, ethical hackers try to determine if there are any potential weaknesses. If they find something, they will test if it is possible to hack the system. We let our customers know about these weaknesses and tests. A malicious hacker will do the opposite, hiding all his tracks.

One test method may be that an ethical hacker walks around on a vessel and tries to gain unauthorized access to a data server that may be unlocked. In some cases, passwords and other access controls could be weaknesses that a potential malicious hacker may exploit.

We also perform tests on the internet from our centre.

Typical weaknesses

Aside from securing high-end computer systems, our ethical hackers find weaknesses that should be avoided. They may be:

  • Not changing passwords often enough
  • Not hiding passwords well enough (for example, typing the password on a post-it and putting it on the wall)
  • Never or rarely updating PCs, software, applications or operating systems
  • Transferring files from personal hard drives and USB sticks

These simple points are often ignored. Small errors like this can lead to greater hacking attacks.

Do you think ethical hacking sounds interesting?

Could you imagine working as an ethical hacker? We believe that ethical hackers are not born, but are created. Becoming good at something requires you to exercise. It's not something you can read up on, but rather something you have to immerse yourself in. It requires you to be curious and have a great desire to find out more and explore the technology.

DNV GL’s ethical hackers have backgrounds from both cybernetics and telecommunications. At different colleges and universities, it is possible to immerse yourself in the subject of ethical hacking, but you have to work with it to understand it.

At DNV GL, we have an unlimited competence development with a unique career model. You should be ambitious, wanting to master your field of expertise. With us, you will develop and learn a lot on the way. We offer training that is tailored to your role and level.

Search for a job at DNV GL

Do you want to know more about what we do in DNV GL and what vacancies we have?

Our main sectors are:

We post all our vacancies on LinkedIn and on Finn, and if you want to keep up, you can turn on notifications. On our website, you can read more about what we do and why you should join us.