With the proliferation of artificial intelligence (AI) technology that is automating all aspects of both attack and defense, the cybersecurity threat landscape is changing more rapidly than ever. While much of the focus is on how to adequately safeguard systems from these attacks, it is important to remember that there are human motivations behind these crimes. Cybercriminals have varied approaches that can range from plain brute force to elaborate coding. Their motivations can also be as simple as greed or as complex as governmental overthrow. Here’s a breakdown of the different classes of hackers.
Categories of Hackers: White Hat, Black Hat, Gray Hat
Although the film industry portrays hackers as computer geniuses rapidly inputting lines of code in an effort to break into a system, real-life hackers are typically split into three camps, commonly referred to as black hat, white hat, and gray hat. The symbology is borrowed from old westerns, where it was immediately possible to tell the good guys by their white hats and the villains by their black ones. It’s worth noting that in an effort to use more inclusive language, these “hats” are also referred to as unethical hats, ethical hats, and semi-authorized hats, so for the purposes of this blog, we’ll use the inclusive language.
What is an Unethical Hacker?
Unethical hackers, often labeled as black hat hackers, are probably the most familiar to the general population. While they may have widely differing ultimate goals, they are categorized together by the fact that their purpose for gaining access to a system is malicious. These types of hackers use black hat hacking techniques to extort money, destroy reputations, cripple organizations and steal information.
What are Ethical Hackers?
Ethical hackers, also known as white hat hackers, are hired by an organization to test its defenses. Ethical hackers may employ many of the same techniques that unethical hackers do, but they are doing so at the behest of the organization that they are attacking. Ethical “hats” can provide valuable insights to security teams by identifying vulnerabilities before they can actually be exploited.
Semi-Authorized Hackers
Semi-authorized hackers, or gray hat hackers, combine elements of unethical and ethical “hats”. They often view themselves as do-gooders who are testing computer defenses. However, unlike ethical hackers, they are doing so without the mandate of the organizations that they are attacking. Typically, when they do find a weakness, they will bring it to the attention of an organization in the hopes of gaining a reward.
Hackers in Action: Different Types of Hacking
While unethical hackers may be united by their malicious intentions, depending on their targets, their attacks can accomplish vastly different goals. In the instances of hacktivists, state-sponsored hackers, and cyber terrorists, hacking has become a favored weapon in the war against perceived injustices, a shadowy tool for waging war, and a means for sowing fear and unrest.
Hacktivists
Hacktivists, a portmanteau of “hacker” and “activists”, are attackers with political or social motivations. They employ hacking as a means of bringing attention to a particular issue or causing damage to an organization that they feel represents or is responsible for the issues that they are fighting against. WikiLeaks and Anonymous are two high-profile hacktivist groups that have made news in recent years.
State-Sponsored Hackers
State-sponsored hackers attack targets at the direction of a particular government. This is done for the purpose of espionage or of weakening an opposing country. Recent examples of state-sponsored hacking can be seen in Russian-sponsored cyber attacks against critical infrastructure in Ukraine and China's Volt Typhoon, which attacked aspects of America’s critical infrastructure.
Cyber Terrorists
Cyber terrorists use hacking as a means of creating fear and chaos to undermine faith in a government or institution. Like conventional terror attacks, these acts are often carried out against perceived enemies of their belief system. Unlike hacktivists, cyber terrorists often pair their activities with threats of real-world violence. In some instances, cyber terrorists can also be state-sponsored.
Why Motivation Matters with Different Kinds of Hackers
With the rapid adoption of AI in both the defensive and adversarial aspects of cybersecurity, it is more important than ever to reexamine the human actors behind hacking. Being forearmed with knowledge of their motivations and methods is instrumental in predicting where and when they will strike and in developing comprehensive security strategies that will adequately safeguard against their attacks.
Although it will always be necessary to diligently defend against the threats that these bad actors present, it is equally important to understand who these attackers are, their motivations, and the types of attacks that they use. With this knowledge, security professionals can better safeguard against any attack. To learn more about hacking and types of hackers, explore the variety of content available at the RSAC Library.