Hacker, is a common term for computer professionals who use their expertise in hardware and software to find and exploit vulnerabilities in computer systems, computer networks and individual electronic devices. To the general public, the term hacker is also commonly associated to criminals that break into corporate computer systems for personal gain. But within information technology circles, the term hacker is not as simple nor is it just black and white.
Within computing circles, there are actually three main types of hackers. Black hat hackers, white hat hackers and grey hat hackers. All hackers are highly-skilled individuals when it comes to computing, and are mainly differentiated by their motives in trying to infiltrate a computer system or bypassing securities of individual devices. Even amateur hackers have skills above the average computer professional.
Let’s begin with black hat hackers. Before we proceed, the term ‘hat’ is purely metaphorical. They don’t actually wear hats. In spaghetti westerns, the bad guys often wear black hats while the good guys wear white. In that context, the black hat hackers are the bad guys, whom the general public are more familiar with. These are the guys responsible for hacking into bank accounts to steal people’s money or hack into government agencies to steal and sell information.
Black hat hackers spend their time finding ways to infiltrate computer systems and networks for personal and financial gain, through illegal means. They can hack through systems manually, and also automatically by creating malware, in order to seek out vulnerabilities in systems, exploit those vulnerabilities, control vulnerable systems, steal data or maliciously destroy them.
Motives can vary, but financial gain is common. Sometimes they hack, control and damage systems on a whim, as a prank, as a method of protest or to simply enjoy the thrill, the satisfaction of being able to punch through a system.
White hat hackers are otherwise known as “ethical hackers”, or nowadays referred to as security specialists. They’re basically the good guys; out to find vulnerabilities in systems in order to inform the system owners so those vulnerabilities are patched for the good of all. This is of course done with the system owner’s permission, and white hat hackers are given security clearance as much as the system owner can afford to provide.
White hat hackers are contracted by system owners in order to make their systems more secure and robust. Any security vulnerabilities can be patched in-house or by the hackers themselves. Having permission makes their efforts completely legal or “ethical”.
Methods and skills? Basically the same as black hats, as they need to be just as skilled or even better because security should always be one step ahead, or at least keep in pace.
As the color suggests, grey hat hackers lie in between. Just as skilled as black hats and white hats, but not as altruistic. They will infiltrate networks and seek out vulnerabilities without permission but do not cause harm. They will share their findings but only for a price; and if the vulnerabilities are serious enough, the system owners will pay up and give their intrusion a free pass.
Though they also dabble in the dark arts of creating malware, and like the guy who stopped the infamous WannaCry ransomware are suspected of releasing them. Grey hats can be considered the anti-heroes in the world of cybersecurity.