Programming has five main steps: the identification and definition of the problem, the planning of the solution for the problem, coding of the program, testing, and documentation.
It's a meticulous process that cannot be completed without going through all the essential points. In all of these, security must be taken into account. As you come up with a solution to the problem and write the code for it, you need to make sure security is kept intact.
Cyber attacks are becoming more and more prevalent, and the trend is unlikely to change in the foreseeable future. As individuals, businesses, organizations, and governments become more reliant on technology, cybercrime is expected to only grow.
Most of what people do in contemporary society involves the internet, computers, and apps/software. It's only logical for programmers to be mindful of the security aspect of making applications or software.
It's not enough for programmers to produce something that works. After all, they are competing for users to choose their software. Many consumers are already becoming aware of the need for security in the applications they are using.
Cyber-attacks have devastating consequences, from identity theft to the hundreds of thousands worth of digital assets or lost opportunities for businesses. Moreover, even when businesses don't suffer an actual attack, they can still be slapped with grueling penalties like the 183 million GBP fine earlier this year to British Airways because of compliance failures.
It greatly helps when programmers think like hackers, but unfortunately, developers don't receive much security training when doing a computer science university degree or learning through online training courses.
Companies are also aware of the importance of having an effective security policy and well-trained staff, but they still spend most of their time and money on adding separate layers of cybersecurity defenses or recovering from cyber attacks.
To solve this problem at its core, the best strategy for the companies is to train their development teams using platforms like Adversary.io, where they can learn best secure coding practices by understanding how hackers exploit vulnerabilities.
This benefits not only the final output of the programming process but also the enthusiasm and efficiency of software developers.
Ponder on the following reasons why programmers should adopt the mindset of hackers.
1. Incomparable Tenacity
Hackers are mostly self-taught experts in defeating security systems. They are people who have the patience to attempt as many times as possible to break a barrier that prevents them from doing or getting something.
They don't always rely on formal education when it comes to most of the techniques they use, let alone the persistent determination to break into networks or user accounts.
Hackers are simply tenacious. Generally, they learn everything on their own. They don't rely on others to spoonfeed new knowledge to them, preferring to figure things out DIY style. If there's something they don't know or understand, they go out of their way to learn the ropes.
Hackers may not be necessarily fond of going through the hard ways, but somehow they are compelled to take the more difficult road since most of the things they do are not taught in the classroom. The things they may want to try or do could also be illegal and frowned upon by the conventions-abiding community of programmers.
2. Doing Instead of Reading and Traditional Learning
It's important for hackers to always have the drive to try as many things in as many ways as possible to achieve their goals. They do a lot of learning but not through books and lectures. It's more about accumulating new knowledge from their experiences.
Doing is given more priority over reading or attending lectures. As Edgar Dale's cone of experience puts it, people tend to retain 5% of the knowledge they obtain from lectures, around 10% from reading, and approximately 75% from trying out or doing the things they seek to learn.
3. Anticipating Potential Security Breaches
The stereotype that hackers always think of breaking cyberattack defenses is not entirely false. Yes, they have many other things in mind, but they have a natural tendency to break the rules, take advantage of weak security, and destroy established protective systems.
When programmers think this way, they become more mindful of the security weaknesses they might unwittingly create in the process of programming.
Programmers who think like hackers automatically think of how they might get around a security protocol or exploit an overlooked bug in an application.
They anticipate problems as they already carry in their minds the intention to destroy the things they build. Their understanding of offenses makes them more prepared in creating defenses.
4. Creative Thinking and Willingness to Break Out of the Mold
Hackers are absolutely creative and resourceful. They may appear averse to conventions, but they mostly remain organized in innovative and atypical ways. They ceaselessly develop new ways to achieve their goals. They don't let stumbling blocks discourage them. When they fail, the inherent tenacity gets them going.
The phrase "to break out of the mold" here does not imply that programmers are free to consider breaking laws or adopting black hat methods. The point is that programmers can do more when they don't let conventions or currently prevalent wisdom to dominate their programming. They can solve problems faster when they are not tied to the knowledge they have learned from school or traditional books.
Who says hackers always try to do things illegally? Whenever there's an opportunity for them to do something legal but easier and faster, you can bet that they would. Hackers are always on the lookout for new vulnerabilities they can exploit.
This "exploitation" may not always be illegal. They may have newly discovered a security defect or weakness that is not yet outlawed or considered as a cybercrime. That's why they never stop learning and exploring to find ways that won't entangle them with the law before they resort to felonious options.
5. Having Fun
Programming is not an easy task when you think of it as a job. When all you have in mind is the completion of the program according to the milestones or deadlines, you will most likely suffer from the pressure. You will not enjoy doing the things you do.
With hacking, there's usually a sense of enthusiasm and excitement. Hackers don't attempt cracking into someone's accounts with a deadline in mind. They do it to achieve something, sometimes randomly or different from the original goal. They always see opportunities or positive things in whatever they do.
In Conclusion
Hackers (the black hat or criminal ones) are not role models. This post does not seek to glorify them.
However, if programmers learn to think the way they do, they can develop more secure applications. They can be more capable of preventing security breaches.
If you're thinking to get started immediately, you should check out Adversary, an effective training platform for programmers that offers hands-on learning through continuously growing labs and a wide range of interactive content.
Moreover, programmers who have the mentality of a hacker are unlikely to get tired of working with codes and are generally more creative and persistent.
Share your view.. EmoticonEmoticon