What Exactly Is a Hacker?

Hacker is a word that has been repurposed and its original meaning almost completely erased. It used to mean a gifted, driven programmer. The stereotypical hacker was practically obsessed with programming, often to the exclusion of any kind of regular social life. Instead, they’d pursue low-level knowledge of the inner workings of computers, networks, and—above all else—the software that controlled it all. 

With the spread of IT, cybercrime became a possibility and then a reality. The only people with the skills to have perpetrated the crimes were hackers, and so the term hacker became tainted. It became what it means to most people today. Ask someone to explain what a hacker is and they’ll describe someone with extensive knowledge of computers, operating systems, and programming and the criminal intent to access computer systems they shouldn’t have access to.

But even within this new definition of hackers, there are different types of hackers. Some people who try to compromise a network are the good guys. Using a trick from the black-and-white silent westerns, the good and the bad are told apart by the color hat they wear.

• A black hat hacker is the real bad guy. They’re the ones who compromise networks and perform cybercrime. They try to make money through their illegal activities.
• A white hat hacker has permission to try to compromise a network. They’re hired to test a company’s security.

In life, though, things are rarely black and white.

• A gray hat hacker behaves like a white hat hacker, but they don’t seek permission in advance. They test a company’s security and make a report to the business in the hope of subsequent payment. They break the law—hacking a network without permission is illegal, period—even if the company is grateful and makes a payment. Legally, gray hats operate on thin ice.
• A blue hat hacker is someone that isn’t skilled, but they have managed to download a low-skill attack software such as a distributed denial-of-service program. They use it against a single business that—for whatever reason—they wish to inconvenience. A disgruntled ex-employee might resort to such tactics, for example.
• A red hat hacker is the lone vigilante of the hacking world. They’re hackers who target black hat hackers. Like the gray hat, the red hat is using legally questionable methods. Like Marvel’s Punisher, they operate outside of the law and without official sanction, dispensing their own brand of justice.
• A green hat hacker is someone aspiring to become a hacker. They are black hat wannabees.
• Black hat and white hat are terms that are racially insensitive and we look forward to them being replaced in the same way black list and white list are being replaced. Threat actor and ethical hacker are perfectly good substitutes.

Criminal Hackers and Professional Hackers

• Professional hackers may be self-employed ethical hackers, available to test the defenses of any company that wants their security tested and measured. They may be ethical hackers who work for larger security companies, performing the same role but with the security of regular employment.
• Organizations may directly employ their own ethical hackers. They work alongside their counterparts in IT support to continually probe, test, and improve the organization’s cybersecurity.