When we think of the word “Hacker” what do we associate with? I believe 90% of non-technical people will think of a hacker as someone that is up to no good and often do illegal stuff, like hacking our computer.
Well, my mission here today is to save the hacker’s reputation (at least those good one). Because believe it or not, there are 2 types of hackers available in this world, one good and one bad. The bad one is what people generally think about when they come in contact with the word “hacker”. In the technical world, we call it Black Hat.
The good one, who we call White Hat, are those who do hacking for the good, and with permission. And there is another bonus one, that stuck in the middle of good and bad, we call it Gray Hat. Let me share with you one by one, what each of them does.
Types of hacker
We need to get our perception clear that there are various types of hacker and not all of them are bad. In fact, many of them are good and companies even employ them to hack their system to check their cybersecurity and system vulnerability. Below are 3 types of hackers.
These hackers are the black sheep for the hacker community. When people say hacker, they are generally referring to black hat hacker. These hackers are people who do illegal things in order to fulfill their own interest, whether it is in monetary form or any other way like protest and espionage.
Sometimes, black hat hacker is not just looking to steal data or money from people, their motive, sometimes, might be to destroy or modify data to their best interest or to show as an act of revenge.
These are good people. They are the one who uses their knowledge professionally to bring benefit to society or their employer. White hat hackers are also sometimes called ethical hacker because they are doing hacking with permission and a good motive. Usually, white hat hackers will use the same method as black hat hackers to hack a system, but the only difference is the “victim” give white-hat hacker permission to hack their device, normally to find vulnerability or loophole in their cybersecurity, whilst black hat hacker doesn’t have the permission.
White hat hackers will usually obtain their hacking knowledge through courses like Pentest, or Penetration Testing as this course will teach them the most effective way to hack but will from time to time remind them to use it for good.
And the people are standing in the middle. Gray hat hacker, by nature, is not bad. They don’t seek to gain benefit for themselves, but to assist in achieving something that, if follow the legal way, is difficult to achieve. Anonymous Group is arguable a gray hat hacker group.
There are many cases where Anonymous help government body to fight crime. However, although they are doing a good thing, by law, their action is still considered as illegal because they are performing hacking on a victim who is not giving them permission to do so.
Getting a White Hat for your company
It is best to find your security loopholes before Black Hat finds it, and the best way to do that is to hire a white hat yourself. There are few ways one can hire White Hat for their company. The first way is to train your own security people by sending them for Penetration Testing or Pentest professional training.
This is good when you consider that they know your system so well, it is easy for him or her to hack your system and find flaws. The cons, however, is that they are too familiar with the system, they sort of fall into the comfort zone and might overlook some minor flaw that might result in a catastrophic security breach.
The other way is to hire cybersecurity firm that specializes in this. The benefit of doing so is because these firm is hacking your system as a third party, which therefore means they won’t let any opportunity slip away. The con is; however, it takes time and resource to do so.
A big corporation often has this kind of situation where they separate their security team into 2, one focus on hacking their system and the other focus on defending it. This will help create a competitive environment that encourages both sides to do their best to hack or defend the system so to find the company system’s vulnerability.
There are many types of hackers and not every one of them is bad. However, it is always safe to keep ourselves aware of the cybersecurity environment to make sure we don’t get hack, regardless of what color of hat they are wearing. After all, we should not play we hackers.