White Hats
White hats are the good guys: the ethical hackers who use their hacking skills for defensive
purposes. White-hat hackers are usually security professionals who know the hacker toolset
and use that knowledge to locate weaknesses and implement countermeasures. White-hat
hackers are prime candidates for the exam. White hats hack with permission from the data
owner. It is critical to get that permission, in writing and with a defined scope, before any
hacking activity begins. Permission is what separates a security professional acting as a
white hat from a malicious hacker who cannot be trusted.
Black Hats
Black hats are the bad guys: the malicious hackers or crackers who use their skills for illegal
or malicious purposes. They break into or otherwise violate the integrity of remote systems
with malicious intent. Having gained unauthorized access, black-hat hackers destroy vital
data, deny service to legitimate users, and generally cause problems for their targets.
Black-hat hackers and crackers are easily distinguished from white-hat hackers because
their actions are malicious and unauthorized. This is the traditional definition of a hacker
and what most people picture when they hear the word.
Gray Hats
Gray hats are hackers who may work offensively or defensively, depending on the situation.
They sit on the dividing line between hacker and cracker. Gray-hat hackers may simply be
interested in hacking tools and technologies and are not malicious black hats. Gray hats are
self-proclaimed ethical hackers who are interested in hacker tools mostly out of curiosity.
They may want to highlight security problems in a system or educate victims so that those
victims secure their systems properly. In their own view, these hackers are doing their
"victims" a favor: if a weakness is discovered in a service offered by an investment bank,
the hacker believes the bank benefits from being given a chance to fix the vulnerability.
From a more controversial point of view, some people consider the act of hacking itself
to be unethical, like breaking and entering. But the belief that “ethical” hacking excludes
destruction at least moderates the behavior of people who see themselves as “benign” hackers.
According to this view, it may be one of the highest forms of “hackerly” courtesy to
break into a system and then explain to the system operator exactly how it was done and
how the hole can be plugged; the hacker is acting as an unpaid—and unsolicited—tiger
team (a group that conducts security audits for hire). This approach has gotten many ethical
hackers in legal trouble. Make sure you know the law and your legal liabilities when
engaging in ethical hacking activity.
Many self-proclaimed ethical hackers are trying to break into the security field as consultants.
Most companies don’t look favorably on someone who appears on their doorstep
with confidential data and offers to “fix” the security holes “for a price.” Responses range
from “thank you for this information, we’ll fix the problem” to calling the police to arrest
the self-proclaimed ethical hacker.
The difference between white hats and gray hats comes down to one word: permission.
Although gray hats might have good intentions, without the correct permission they cannot
be considered ethical, and their activity is still unauthorized access under the law.
Now that you understand the types of hackers, let's look at what hackers do. This may
seem simple, because they hack into computer systems, but in practice it is not that simple.
There is a process that should be followed and information that needs to be documented.
In the next section, we'll look at what hackers, and most importantly ethical hackers, do.