It couldn’t be simple, we had to categorize them in order to tell the ‘good’ from the ‘bad’ and of course the in-between.
Black- Hat Hackers are the ones that are the most popular over different streams of media and most likely the ones that you may be more familiar with. These hackers are known to be the ‘bad guys’ since they wreak havoc in multiple industries and are usually motivated by personal or financial gain. Their goals are to steal personal information such as credit card numbers, social security number, and other personal data to use for malicious reasons or to sell to identity thieves. Black-hat hackers do not ask permission to infiltrate a system, instead they perform the breach illegally.
Black-hat hackers can be responsible for creating botnets or using the botnets to perform a DDOS attack.
“A black-hat hacker who finds a new, “zero-day” security vulnerability would sell it to criminal organizations on the black market or use it to compromise computer systems”.
White Hat- Hackers are the opposite of black hat-hackers, the white hat-hackers are the ‘good guys’ or ethical hackers. Yes, they still compromise systems but they do it with permission. Many times their goal is to find a security vulnerability that they will disclose to the organization so that improvements can be made to improve their defenses. This is known as penetration testing and is just one example of an exercise performed by a white-hat hacker.
When a white hat-hacker informs developers of vulnerabilities they have found, it allows patches to be made and security to be improved before the system is ever compromised. Often white hat-hackers will be compensated for their discoveries and time by the organizations.
You didn’t think it was that easy, did you? Between the Black and White Hackers are the Gray Hat-Hackers. They typically do not work for a personal gain, but can be unethical in their practices as well.
We know that black hat-hackers do not request permission to compromise a system and white hat-hackers ask for permission before they breach a system. Gray hat-hackers do not always request permission first before compromising a system and they will not always inform the vendor the privately of the breach. Instead, they may disclose the vulnerability publicly and although not use the information for their personal gain, by disclosing the information publicly it does open the door for black hat-hackers to take advantage on the system.
We tend to hear of the ‘bad guy’ hackers, the ones who are out to steal personal information and use it for personal gain, however we don’t hear a lot about the ‘good guy’ hackers whose purpose is to assist organizations and find their vulnerabilities. The gray hats fall between the cracks as well, however keep in mind that there are different categories where hackers are concerned. Not all hackers are bad. Not all hackers are good. It’s best to be prepared regardless and have a solid cyber security plan in place.