Newspaper headlines and Hollywood movies have shaped our understanding of computer hackers, but in the real world it’s not so simple. Some hackers are making massive contributions to the field of cybersecurity, it just depends on which hat they’re wearing that day. Take a few minutes to learn about white, black, and gray hat hackers.
Hackers and cyber criminals actually stem back all the way to the 1950’s. When telephone aficionado, commonly known as “phreaks”, started hijacking world’s phone networks and making long-distance calls. By the 1980s, hackers became associated with teenagers who were being caught breaking into government computer systems — partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.
What similarities do they share?
According to Maximus Blackbourne, Chief Hacking Officer at BlackbourneWorldwide
https://www.linkedin.com/pulse/hacker-vs-cybercriminal-real-scoop-maximus-blackbourne-chfi-csm/ Both of these types of people are everywhere, much like the talked about Anonymous group. Hackers are: enthusiasts, security professionals, moms, dads, kids, grandparents, tech savvy individuals, clueless computer users, angry spouses, police, Private Investigators, etc. Hackers make up the majority of how companies find bugs in their software and ways to improve functionality.
“White hat”
Sometimes referred to as ethical hackers, or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck. Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the operating system on his computer, he finally released Linux, a secure open-source operating system.
“Black hat”
Closer to the definition that most people outside the IT world know and use, black hat hackers create programs and campaigns solely for causing damage. This may be anything from stealing information using malware to forcefully shutting down networks using denial-of-service attacks. Kevin Mitnick was the most infamous black hat hacker in the world. During the 1990s, Mitnick went on a two and half year hacking spree where he committed wire fraud and stole millions of dollars of data from telecom companies and the National Defense warning system.
“Gray hat”
Think of Elliot Anderson, or better known as Mr.Robot. Whether someone is a security specialist or a cybercriminal, the majority of their work is usually conducted over the internet. This anonymity affords them opportunities to try their hand at both white hat and black hat hacking.
For example, Marcus Hutchins is a known gray hat hacker. He’s most famous for testing the WannaCry ransomware until he found a way to stop it. During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He has been arrested and branded a “gray hat” hacker.
We now enter to the new era where we have the “Hacktivist”
Vic Hargrave, a trend micro writer, tells us, during the last several years a new class of hacker has emerged, the so-called hacktivist, who engages in hacking of computer networks and systems as a form of protest. You’ve probably heard about the group known as Anonymous, a collective of clandestine – and yes, anonymous – hackers who have taken down and infiltrated computer systems belonging to companies and governments with whom they have political disagreements.
Hacktivism does not fit neatly into either white hat or black hat categories. Unlike either their white hat or black hat counterparts, hacktivists are motivated by politics not profit. They find themselves at ideological odds with many organizations and feel justified in their computer attacks against them.
The world of cybersecurity is far more complicated than the stylized hacking in Hollywood movies. Internet-based warfare is not as simple as good guys vs. bad guys, and it certainly doesn’t give small businesses a pass. If you need a team of experienced professionals to help you tackle the complexities of modern cybersecurity, call us today.