Introduction
When one hears the word “hacker,” one typically thinks of cyber terrorists and criminals. People are stealing money from banks, shutting down facilities, acquiring private info, and locking owners out of their computers. It has effectively become a pejorative for illegal activities as well as bypassing computer security. It has not always been this way; the term “hacker” came from the 1960s, referring to extremely skilled programmers running FORTRAN and other coding languages (Grimes, 2017).
Nowadays, the profession revolves around identifying weaknesses in computer and network security. With the increased digitalization of every aspect of our everyday lives, the ubiquitousness of smartphones, and the emergence of IoT (Internet of Things), hackers have become both an incredible liability and an asset (Grimes, 2017). They are typically characterized using a color scheme: Black, White, and Gray (Grimes, 2017). The purpose of this paper is to describe each type of hacker and what they do in relation to computer security.
White Hat Hackers
White hat hackers are individuals who use their security bypassing skills for good causes. They are typically hired by organizations to test their systems against unwanted intrusion (“White Hat Hackers,” 2021). A white hat hacker will attempt to overcome all defenses the organization has to offer, often without causing damage. Should those vulnerabilities be detected, they are quickly fixed (“White Hat Hackers,” 2021). In some scenarios, a hacker will be allowed to do damage to systems in order to enable the company to test its data recovery strategies.
The three methods utilized in White Hat hacking include deep-scanning the existing networks for malware, trying to break into the protected systems, and using the human factor to bypass firewalls. The human factor is often overlooked by companies that do not train employees to use safety measures when working with outside documents (Grimes, 2017). Clicking on dangerous links, inserting foreign flash devices without scanning them first, and sharing account information with third parties are some of the most glaring weaknesses. The effects of White Hat workers are evidenced in everyday life.
Most organizations with a large digital presence tend to have higher security and lower downtimes (“White Hat Hackers,” 2021). At the same time, smaller companies that cannot afford to test their systems are more vulnerable to security leaks.
White hats working for companies have the potential to become dangerous Black Hats. The danger stems from familiarity with the security systems of their clients. They could purposefully leave backdoors for themselves to exploit later (Grimes, 2017). Dealing with reputable White Hats, thus, is very important for businesses that wish to protect themselves, their assets, and their customers.
Black Hat Hackers
Black Hat hackers fit the stereotype currently present in society. These individuals are criminals that commit illegal cybersecurity intrusions to achieve self-serving objectives. The most common goal is to achieve monetary rewards either by direct theft, blackmailing, or ransom. An example would be the WannaCry ransomware of 2017, which affected over 400,000 businesses across the world (“What is a Black-Hat Hacker,” 2021). It managed to extort only about 120,000 USD before decryption responses and tools emerged to assist those affected.
In many cases, Black Hats are working not to profit directly but to cause damage. These types of hackers are associated with cyberterrorism and are often on the payroll of specific countries or political organizations (“What is a Black-Hat Hacker,” 2021). The US, Russia, and China are some of the most frequent practitioners of such activities (Grimes, 2017). Terrorist organizations, such as ISIS and Al-Qaeda, are also known to engage in hacking as means of undermining their enemies and finding ways to fund their activities.
Finally, cyber-espionage is something both freelancing, and payroll Black Hats do. The information they discover through illegal access can either be ransomed for money, sold on the black market, or otherwise utilized to further the goals of specific people, organizations, and countries (Grimes, 2017). The most prominent example of recent years includes the hacking of Hillary Clinton’s mail in 2016, which potentially swung the presidential campaign in Donald Trump’s favor.
There is some good to Black Hats’ existence, however. The best White Hats come from having worked extensively outside of the law. They are the most familiar with the latest methods of Black Hat hacking, thus making it possible to prevent attempts and reinforce security (Grimes, 2017). Finally, they may have access to sources and connections exclusive only to them, thus enabling them to predict and prevent attacks before they even happen.
Gray Hat Hackers
On an ethical scale of good vs. bad, gray hackers are firmly in the middle. While they perform activities that could be considered criminal, they do so for good reasons. Namely, they often hack websites, facilities, and infrastructure without the owner’s request or permission to expose security vulnerabilities (“White Hat Hackers,” 2021). They see their actions as beneficial to businesses and society as a whole. The real intentions behind their actions vary – some are genuinely interested in the public good, while others do it for publicity (“White Hat Hackers,” 2021). Finally, there are individuals who do it for entertainment purposes, to sate their own curiosity, while ignoring privacy and a plethora of laws.
Some Black Hat hackers consider themselves to be this, as they attempt security breaches not for personal gain but in the name of the greater good. An example of this would be WikiLeaks, which employs the services of hacking organizations, such as Anonymous, to disclose classified documents of various government entities, exposing corruption and other crimes (Grimes, 2017). Many other organizations target business and political entities, but their motives are suspect, often attributed to machinations of opposing parties.
Overall, while Gray Hats think of themselves as heroes and Robin Hoods of the digital world, the rest of the cybercommunity often disagrees with their methods. As time passes, individuals from this group become either White or Black Hats, depending on the sincerity of their motives (Grimes, 2017). Despite the announced harmlessness of their activities, Gray Hats often end up doing more damage than they expect, either through poor hacking methods or by highlighting the weaknesses of a system for Black Hats to exploit.
Conclusions
The stereotype of a hacker depicts only one side of a complex issue. There are different kinds of hackers, each with its own methods, ethics, and agendas. With digital devices and software evolving, hacking will become even more widespread. The demand for cybersecurity specialists to be well-versed in Black Hat hacking methods would give rise to White Hackers becoming a recognized profession. The alternative to the rise of hackers would be to back away from digitalization, making systems less prone to outside interference while sacrificing many advantages brought by global interconnection. History shows that technological progress cannot be halted or stopped. It means that there is only one way – forward, meeting the challenges of cybersecurity as they arise head-on.
References
Grimes, R. A. (2017). Hacking the hacker: Learn from the experts who take down hackers. John Wiley & Sons.
“What is a Black-Hat Hacker?” (2021). Kaspersky. Web.
“White Hat Hackers: The Good, the Bad, or the Ugly?” (2021). Kaspersky. Web.