This question is critically important in cybersecurity. It indicates whether you are a good hacker, a bad hacker, or a dubious hacker.
Here is a little background to help you decide. We have to start in the days of early John Wayne and Gene Autry Westerns. Known for playing the good guys in the wild west, they wore white hats, with few exceptions. The bad guys donned black hats.
The cyber realm follows this lead. White hat hackers, also called ethical hackers and penetration (pen) testers, break into systems at the request of the system owner. They test the system in order to identify vulnerabilities that make breaches possible. Pen testers document everything they find and present it to the system owner once they are finished testing the system. No ethical hacker worth their salt will hack a system without a clear and detailed contract between the system owner and themselves. Such a document protects them from facing criminal charges. White hats always operate within the law and ethical standards.
Black hat hackers have malicious intentions and operate outside of legal and ethical boundaries. There are many subsets of black hats based on their experience, areas of specialty, and motivation. There are too many subsets to describe here, but I will describe a few common ones. Strictly speaking, black hat hacking started before most people had a personal computer. Early hackers were phreakers, breaking into telephone systems in the 1950’s and 1960’s. Script kiddies are new to the game and lack the technical background to write their own tools so they depend on the code or scripts of others. Hacktivists (mashup of hacker and activist), like Anonymous, use hacking as a means of advancing their cause.
Grey hats are not malevolent, however, they cross ethical lines. They typically prod systems until they find a vulnerability. At that point, they usually report it to the system owner, frequently offering to help them fix it. It is not unheard of for a grey hat to publicly announce a vulnerability if the system owner refuses to address it. This happened with Facebook in 2013.
The term hacker, in everyday use, refers to a black hat hacker. While black hats should be dreaded, they are not the hackers in cyberspace. There are white hats like me out there, too.
Comments