Presented by Norton Security

What is the difference between black, white, and grey hackers?

Not all hackers are inherently bad, and hacking isn’t an illegal activity unless the hacker is compromising a system without permission.

When used in mainstream media, the word “hacker” usually refers to cyber criminals.

But a hacker can be anyone, regardless of their intentions, who utilises their knowledge of computer software and hardware to break down and bypass security measures on computers, devices, or networks.

Many companies and government agencies employ hackers to help secure their systems.

Hackers are categorised by which type of metaphorical “hat” they don: “white hat”, “grey hat”, and “black hat”.

The terms comes from old spaghetti westerns, where the bad guy wears a black cowboy hat, and the good guy wears a white hat.

There are two main factors that determine the type of hacker: their motivations, and if they’re breaking the law.

Black Hat Hackers

Like all hackers, black hat hackers have extensive knowledge about breaking into computer networks and bypassing security protocols.

They’re also responsible for writing malware, a method used to gain access to systems.

Their primary motivation is usually for personal or financial gain. They can be involved in cyber espionage, protest, or perhaps are addicted to the thrill of cybercrime.

They range from amateurs spreading malware, to experienced hackers aiming to steal data – specifically financial information, personal information, and login credentials.

They also seek to modify or destroy data.

White Hat Hackers

White hat hackers choose to use their powers for good.

They’re sometimes paid employees or contractors working for companies as security specialists attempting to find security holes.

These hackers employ the same methods as black hats, except they do it with permission from the owner of the system – making the process legal.

They perform penetration testing, test security systems, and perform vulnerability assessments for companies.

There are even courses, training, conferences, and certifications for ethical hacking.

Grey Hat Hackers

Grey hat hackers are a blend of both white and black.

Grey hat hackers will often look for vulnerabilities in a system without the owner’s permission or knowledge.

If issues are found, they’ll report them to the owner – sometimes requesting a fee to fix the issue. If the owner does not comply, the hacker could post the exploit online for public viewing.

These types of hackers are not inherently malicious: they’re looking to get something out of their discoveries.

Usually, grey hat hackers will not exploit the vulnerabilities they find.

However, this type of hacking is still considered illegal as they didn’t receive permission from the owner prior to the attempted system attack.

Although the word hacker tends to evoke negative connotations, it’s important to remember that all hackers are not created equal.

If we didn’t have white hat hackers seeking out threats and vulnerabilities before the black hats can find them, there could be far more activity involving cybercriminals exploiting vulnerabilities and collecting sensitive data than there is now.

This article was published in partnership with Norton Security.

Latest news

Partner Content


Share this article
What is the difference between black, white, and grey hackers?