In the world of cybersecurity, there are three main types of hackers. Black hat, who are the bad guys; white hat, the good guys; and grey hat, those that lie in between. There are other types though (depending on who you ask) such as Green hats (learners and observers), Blue hats (amateur black hats) and the heroic Red hats. Yes, heroic, because unlike white hats who treat hacking as a job to stop/prevent black hat operations, red hat hackers go after the black hats themselves.
Red hats are basically the vigilantes of the field of cybersecurity.
They’re described as hackers with the same dark skills as black hats or better. Unlike white hat hackers whose job is to identify and prevent attacks and keep attackers out, red hats will actively go after the attackers. They have enough confidence and skills to do so, or are able to identify whether the opponent is inferior enough to attack and destroy. Red hats can act individually or work in groups.
The way they engage other hackers is by hacking the attacker’s computers and sending their own malware with the goal of destroying their systems, temporarily or putting them out of business. They do not report errant hackers to law enforcement, they deal with black hats themselves, hence they are considered the vigilantes of the field of cybersecurity. Red hats are also described as being retaliatory, employed in various companies, wherein they retaliate against the hackers they detect trying to get into the company’s systems.
Another trait of red hats is that they tend to attack white hats that they disagree with. Hackers employed by their respective governments are considered white hats. Red hats have a high sense of justice or consider themselves more ethical than paid ethical hackers; such as members of the group Anonymous. Red hats will attack organizations, governments and institutions that they think are up to no good.
The existence of red hat hackers is sometimes disputed. The idea of a heroic hacker out to fight the evil ones seem too romanticized and that hackers that fall into this category are too few to even be classified. Plus, their aggressive behavior would place them in the black hat category. The idea that compensation does not matter, and the demise of their opponent is rewarding certainly doesn’t put them in with the grey crowd.
Hackers that actively go after other hackers could be paid white hats in, or hired by law enforcement. Or they can be other black hats with an axe to grind. Also, the idea of how red hats go out of their way to destroy the attackers’ systems seems like the stuff of legend. Another reason is the simple association with the Linux support provider, Red Hat.
In summary, red hat hackers are computer specialists that use their expertise to actually attack to disable or disarm criminal hackers—or those whom they think are criminals. These criminals include individuals, groups, organizations or even governments.