HACKERS: THE 411

Lauren Abshire
Director of Content Strategy United States Cybersecurity Magazine

White Hat, Black Hat, Gray Hat, Hacktivists, we hear all of these names, but what is hacking and who are they? What are the different types of hackers? Why hack? The media has used this term since the 1990’s and it can be traced back further to the late 1980’s. Hacking is the act of identifying weaknesses and vulnerabilities in a network, in computers, and in accounts, thus gaining unauthorized access. A hacker commonly uses their expertise and knowledge to exploit systems, users, companies, etc. 

Hackers are commonly unidentifiable computer experts with technical skills possessing the ability to bypass security. Contrary to popular belief, not all hackers are individuals in black hoodies.

WHAT ARE THE DIFFERENT TYPES OF HACKERS?

There is good and bad in everything, the same goes for hackers. There are malicious, bad hackers and good, ethical hackers, and then there are the hackers in between. So, what other types do we have? Let’s take a more in depth look at this:

  • Black Hats: These are the malicious hackers that illegally gain unauthorized access to information and use it against a person or company, whether it is for ransom, to black-mail, or to exploit information. Black Hat hackers commit cybercrime for many reasons (more on that later).  Black Hat hacking is illegal.
  • White Hats: These are the ethical hackers that will gain access (authorized) within systems to evaluate, test and ensure security. White Hat hackers will look for vulnerabilities that could otherwise be exposed by Black Hat hackers. Ethical hacking can also be known/referred to as pen testing. White Hat hackers perform a service to benefit, not to exploit. What White Hat hackers, or ethical hackers, do is legal.
  • Gray Hats: These are the inbetweeners, a blend of both Black Hats and White Hats. A Gray Hat hacker usually behaves as a Black Hat, however, typically without malicious intent. Gray Hatters may violate the ethical standards to exploit vulnerabilities (e.g. without permission from an individual or company), present them to the owner, and in turn ask for payment to fix the issue.
  • Red Hats: In the hacking world, Red Hat hackers are often referred to as ‘vigilantes’ in cyberspace. Red Hat hackers are quite similar to the White Hat hackers, in the sense of protecting companies and systems. However (and this is where ‘vigilante’ comes into play), Red Hat hackers will not only bring the Black Hat hacker down, but they also launch counter-attacks against them, with the goal of not only taking them down, but to destroy their resources and computer.
  • Hacktivists: Think Anonymous. A hacktivist is a person or group that uses their techniques to hijack websites or accounts to leave a politically or socially motivated message, hoping to bring about a political or social change. A hacktivist is motivated by civil disobedience and tries to spread an ideology. Hacktivists believe they have something to prove, and that it is their job to do so.
  • Script Kiddies:  A script kiddie or a “skiddie” is an individual who lacks programming knowledge and uses existing software to launch an attack. A Script Kiddie will use already established tools to gain unauthorized access and then attack systems and computers, for example. They do not have the expertise to write their own scripts.

WHY HACK?

So, why hack? As mentioned above, a huge motivating factor is money. Black Hat hackers not only try to exploit information for ransom, but they also use the stolen information and credentials to try to gain access to banking information. Actually, they try to gain access to anywhere financial information is stored. Stolen, sensitive information is incredibly valuable on the dark web, not to mention the astronomical amount that this information could be ransomed for. Hence, another reason to hack, for the gain of personal information.

White Hat hackers are also motivated by money. However, their acts of hacking are towards the improvement of cybersecurity for a company, finding any vulnerabilities and correcting/patching them. 

Gray Hat hackers, again, fall somewhere in the middle. Finding issues without permission and then requesting payment to fix whatever vulnerability they exploited. Borderline cybercriminals.
Gray hat – gray area.

Another reason hackers hack is for the mere challenge. A survey acquired by Finbold illustrates that 68% of hackers will launch an attack just to be challenged and to see if they can. Script Kiddies can fall into this category. Imagine a person watches Mr. Robot and decides they want to be like Elliot. This can have unnerving consequences, and scary consequences for those they target. The survey also says that falling into second place is the monetary reason, coming in at 51%. Surprisingly too, hackers will hack out of sheer boredom and for the ‘bragging rights’.

And of course, there is the social and political change that Hacktivists seek. Hacktivists consider their ‘work’ as a form of protest for the greater good. However, in government eyes, this is still against the law. Breaking into government and corporate systems and executing a Denial-of-Service (DoS) attack is contrary to the work of Hacktivists – a ‘peaceful’ protest. 

CONCLUSION

Whatever the case or reason for hacking – the fact remains: hackers (of all types) are alive, well and looking for their next ‘score’. Often, hackers do not single out one specific company or website, hackers look for any vulnerability. It is everyone’s responsibility to be aware and well-informed. Technology is rapidly developing, and we cannot afford to let these advances result in user carelessness. As technology advances, so do hackers. Knowing and understanding the types of hackers will not protect you from becoming a victim of cybercrime; however, it is always good to know what potential threats are around the corner. Explore solutions to protect yourself and your data from bad hackers. Or employ an ethical hacker to combat the cybercriminal hacker types. Most importantly is to ensure you have the best cybersecurity preparedness and practices in place to protect what is yours. 


Lauren Abshire

Tags: , , , , , , ,