Modern Wisdom
What Is An Ethical Hacker? | Thomas Johnson | Modern Wisdom Podcast 105
At a glance
WHAT IT’S REALLY ABOUT
Ethical Hacker Exposes Human Weakness As Cybersecurity’s Greatest Vulnerability
- Ethical hacker and social engineer Thomas Johnson explains how modern hacking targets people more than machines, because human behavior often bypasses even the best technical defenses.
- He shares his journey from teenage hacker to Home Office–recognized security professional, detailing real-world engagements where he gained deep physical and digital access to organizations through persuasion, disguise, and inexpensive hardware.
- The conversation explores offensive tools (USB implants, software-defined radios, covert cameras), password cracking, and data breaches, alongside nation-state cyberwarfare, critical infrastructure attacks, and the value of data as a strategic resource.
- Johnson stresses education, better personal security habits, and the urgent need for more ethical hackers, highlighting both the career opportunities and the existential risks of an increasingly connected world.
IDEAS WORTH REMEMBERING
5 ideas
Humans are both the weakest and strongest link in cybersecurity.
Most sophisticated defenses can be bypassed if an attacker manipulates a person to reveal passwords, plug in devices, or grant access; cultivating skepticism and trusting your “gut feeling” is a powerful defense against social engineering.
Social engineering uses psychology to bypass technical security.
Johnson gains access by blending in, borrowing authority (e.g., posing as security or a photocopier technician), associating with trusted staff, and redirecting suspicion with conversation—showing that con artistry plus minimal tech can defeat strong systems.
Short, reused passwords are effectively broken security.
Eight-character passwords—even with mixed symbols—can be brute-forced in hours, and reused credentials across sites make it trivial to pivot from one breach to multiple accounts; longer (12+), unique, non-dictionary passwords or mnemonic phrases are essential.
Cheap, accessible hardware can be weaponized for serious intrusions.
Off-the-shelf tools like USB Rubber Ducky, Bash Bunny, Raspberry Pis, software-defined radios, covert cameras, and radio bugs can clone access cards, inject payloads, intercept signals, and exfiltrate audio/video with minimal visibility or cost.
Nation-state cyber operations can cause real-world physical damage.
Cases like Stuxnet, which sabotaged Iranian nuclear centrifuges via malware on air-gapped systems, demonstrate that cyberweapons can quietly infiltrate and then damage critical infrastructure, making information warfare a central front in modern conflict.
WORDS WORTH SAVING
5 quotes
If you can talk someone into giving you the passwords or plugging a USB stick into the computer, then all of this very expensive cybersecurity mitigation is useless.
— Thomas Johnson
For the price of one fighter plane, you can hire 200 hackers. Information warfare is going to be the future of war.
— Thomas Johnson
The hackers are the good guys. The cyber criminals are the bad guys. The knife is hacking; Gordon Ramsay is the hacker, Jeffrey Dahmer is the cyber criminal.
— Thomas Johnson
The entire character set of eight characters, including uppercase, lowercase, numbers, and special characters, in its entirety, can be cracked in two hours now.
— Thomas Johnson
As things are progressing we're gonna be faced with lots of new challenges, and if we don't adapt as a race, we're gonna end up destroying ourselves.
— Thomas Johnson
High quality AI-generated summary created from speaker-labeled transcript.