WHITE HAT HACKING VS. BLACK HAT HACKING VS. GRAY HAT HACKING
Hackers aren’t inherently bad — the word “hacker” doesn’t
mean “criminal” or “bad guy.” The terms “white hat”, “black hat” and “gray
hat” define different groups of hackers based on their behavior. The definition
of the word “hacker” is controversial, and could mean either someone who
compromises computer security or a skilled developer in the free software or
open-source movements.
WHITE HAT HACKING
White hat hackers choose to use their
powers for good rather than evil. Also known as “ethical hackers,” white hat
hackers can sometimes be paid employees or contractors working for companies as
security specialists who attempt to find security holes via hacking. They’re
experts in compromising computer security systems who use their abilities for
good, ethical, and legal purposes rather than bad, unethical, and criminal
purposes.
White hat hackers employ the same
methods of hacking as black hats, with one exception: they do it with
permission from the owner of the system first, which makes the process
completely legal. White hat hackers perform penetration testing, test in-place
security systems and perform vulnerability assessments for companies. A
white-hat hacker who finds a security vulnerability would disclose it to the
developer, allowing them to patch their product and improve its security before
it’s compromised. Various organizations pay “bounties” or award prizes for
revealing such discovered vulnerabilities, compensating white-hats for their
work.
BLACK HAT HACKING
Black hats are criminals. They use their prowess to find or develop software holes
and attack methods (aka zero day vulnerabilities and exploits) or other
malicious tools to break into machines and steal data, such as passwords,
email, intellectual property, credit card numbers or bank account credentials.
They also sell information about the security holes to other criminals for them
to use. Black hats are, obviously, considered the bad guys.
Like all hackers, black hat hackers
usually have extensive knowledge about breaking into computer networks and
bypassing security protocols. They are also responsible for writing malware,
which is a method used to gain access to these systems. A black-hat hacker who
finds a new “zero-day” security vulnerability would
sell it to criminal organizations on the black market or use it to compromise
computer systems.
Their primary motivation is usually
for personal or financial gain, but they can also be involved in cyber
espionage or protest, or may simply be addicted to the thrill of cybercrime.
Black hat hackers can range from amateurs getting their feet wet by spreading
malware, to experienced hackers that aim to steal data, specifically financial
information, personal information and login credentials. Not only do black hat
hackers seek to steal data, they also seek to modify or destroy it.
GRAY HAT HACKING
Gray hats fall into the middle ground between these
two other hacker categories. Gray hats sell or disclose their zero-day
vulnerabilities not to criminals, but to governments—law enforcement agencies,
intelligence agencies or militaries. The governments then use those security
holes to hack into the systems of adversaries or criminal suspects. Gray hats
can be individual hackers or researchers who uncover flaws on their own,
defense contractors who have hacking divisions tasked specifically with
uncovering flaws for a government to use, or boutique broker firms.
All of these kinds of hackers are
considered gray hats because they’re selling to parties that will presumably
use the vulnerabilities responsibly for the public good, although that is not
necessarily the case. There are governments that use zero days to spy on
dissidents, political rivals and others.
If a gray-hat hacker discovers a
security flaw in a piece of software or on a website, they may disclose the
flaw publicly instead of privately disclosing the flaw to the organization
and giving them time to fix it. They wouldn’t take advantage of the flaw for
their own personal gain — that would be black-hat behavior — but the public
disclosure could cause carnage as black-hat hackers tried to take advantage of
the flaw before it was fixed.
As in life, there are gray areas that are
neither black nor white. Gray hat hackers are a blend of both black hat and white
hat activities. Often, gray hat hackers will look for vulnerabilities in a system without the owner’s
permission or knowledge. If issues are found, they will report them to the
owner, sometimes requesting a small fee to fix the issue. If the owner does not
respond or comply, then sometimes the hackers will post the newly found exploit
online for the world to see.
These types of
hackers are not inherently malicious with their intentions; they’re just
looking to get something out of their discoveries for themselves. Usually, gray
hat hackers will not exploit the found vulnerabilities. However, this type of
hacking is still considered illegal because the hacker did not receive
permission from the owner prior to attempting to attack the system.