Types of Hackers – The 6 Hats Explained

White Hat hackers (also known as ‘ethical hackers’) are professionals with expertise in cyber security, hired by organisations to ethically run hacking simulations in accordance with industry guidelines, to closely mimic real-world targeted attacks. By actively testing organisation’s defences, white hat hackers help businesses understand their security posture while also improving defences, reducing the likelihood of experiencing a cyber-attack, and ensuring continued business confidentiality, integrity, and availability.


Being the opposite to ‘Black Hat’ hackers, white hat hackers provide companies with ongoing support in the battle against cyber threats by actively keeping up to date with the latest cyber threats and testing assets within the organisation to find potential vulnerabilities..

The different ethical hacking job roles:

There are several roles associated with ethical hacking, the scope of which can vary depending on your area of expertise and the organisation/sector you are working in. Some of the most popular ethical hacking jobs include:

• Penetration tester - Penetration testers perform ethical, authorised tests on applications, systems, networks, and infrastructure to identify weaknesses. Penetration testers will often specialise in one system.
  
• Computer crime investigator - This role focuses more on what happens after post data breaches. From hacking to other types of illegal activity, a computer crime investigator will look at the systems auditing and monitoring systems to conclude on how and why something illegal occurred.
• Data security analyst - A data security analyst is usually an in-house role that focuses on identifying potential vulnerabilities within an IT system. They will then recommend and implement safeguards on to said assets to prevent breaches, such as creating firewalls and putting encryption in place.

Black Hat hackers are the stereotypical ‘hackers’ we mentioned during our introduction. Black hat hackers are criminals who attempt to gain unauthorised access to business assets to steal confidential information for their own financial gain. 

Many Black Hat hackers start as novice "script kiddies" using publicly available hacking tools to exploit security vulnerabilities whereas the upper echelon of Black Hats tend to be skilled hackers who work for sophisticated criminal organisations. Black Hat hackers often develop specialities, such as phishing or managing remote access tools. Some develop and sell malicious software themselves, but others may prefer to work through franchises or leasing arrangements, just like legitimate businesses.

Other illegal activities include

• Sending phishing emails and SMS messages.
  
• Writing, distributing, and selling malware like viruses.
• Denial of service (DDoS) attacks to slow down or crash business websites.
• Earning money for performing espionage.
• Finding and exploiting vulnerable databases, applications, security controls, websites, infrastructure, and any other vulnerable company assets.
• Selling financial and personally identifiable information on the Dark Web.
• Executing financial/identity fraud.
• Deploying brute-force attacks, scareware, botnets, man-in-the-middle attacks, advertising campaigns, etc.
• Blackmailing the victims using ransomware and spyware to encrypt, lock, steal, modify, and delete user data (Black hat hackers typically demand money to provide users back access to their files, system, databases, or the entire device).

Black Hat hacking is a global problem, which is why every business needs a strong security posture. The challenge for law enforcement is that hackers often leave little evidence, use the computers of unsuspecting victims, and cross multiple jurisdictions. Although authorities sometimes succeed in shutting down a hacking site in one country, the same operation may have multiple nodes in many countries, allowing cybercrime groups to operate 24/7.

The best protection against black hat hackers is to have the knowledge and awareness to avoid becoming a victim. Keeping your firewall optimal, updating, and running reputable antivirus software and applications, keeping operating systems up to date while also having the appropriate business policies and procedures in place are a few examples that can reduce vulnerabilities. Additionally, if you’d like to know more about keeping safe from black hat hackers, read our remote working blog.

Grey Hat hackers have all the skills of a Black and a White Hat hacker, but, the difference is, they don’t care about stealing, nor do they particularly want to help people. Instead, they like to play with systems and enjoy the challenge of finding gaps, breaking protections and generally just find hacking fun. Despite their skill set and the fact that they do break into systems, Grey Hat hackers will rarely do anything harmful. They break into things because they can, and then move on. Grey Hat hackers make up much of the hacking community,

Green Hat hackers are often described as the “newbies” in the world of hacking. Green hat hackers are not aware of the security mechanisms and the inner workings of the web, but they are keen learners and determined to elevate their position in the hacker community. Although their intention is not necessarily to cause harm, they may be if they choose to be.

Green Hat Hackers vs Script Kiddies

There’s another type of hacker that’s like green hat hackers — they’re known as ‘Script Kiddies’. – we mentioned them earlier. Script kiddies, like green hat hackers, are amateur hackers, but instead of learning new hacking techniques, they’re simply interested in downloading or buying publicly available malware, tools, and scripts online. The main difference between green hats and script kiddies are that green hat hackers are generally serious and hardworking, having a clear vision to improve their skills whereas script-kiddies are only interested in pre-existing scripts and codes to hack. This is generally because script-kiddies want to make a quick buck without putting in the time and effort to make something themselves. Green hat hackers often take the proper educational path, earning certificates, and taking skill development courses to learn hacking. But script kiddies simply find shortcuts 

Blue Hat hackers can be broken down in to two groups:

Vengeful and aggressive - but only if you create them:

These blue hat hackers often take existing code for malware and viruses they find online, then modify it to meet their needs. They use this code to target the business or individual they feel has wronged them to inflict revenge. Generally, Blue Hat hackers are only a problem if you’ve made someone angry and they have the expertise to make you regret doing so. This could be a customer, supplier, or current/previous employee.

Outside Security Professionals

Blue hat hackers can also be security professionals that work outside of an organisation. Companies often invite these blue hat hackers to test the new software and find security vulnerabilities before releasing it to the public. Sometimes, companies organise periodic conferences for blue hat hackers to find the bugs in their crucial online systems.
Blue hat hackers perform penetration testing and deploy various cyber-attacks without causing damage. Microsoft often organizes such invite-only conferences to test its Windows programs. That’s why some blue hats are known as blue hat Microsoft hackers.

Much like white hat hackers, red hat hackers try to take a more ethical approach to their work but decide they must operate in between the lines of good vs bad to achieve their goal.

Red hat hackers are like the ‘pseudo-Robin Hood of the cybersecurity field’ — they take the wrong path to do what they deem is the right thing to do - when they find a black hat hacker, they deploy dangerous cyber-attacks against them to limit their ability to perform malicious intent.

Red hat hacker tactics:

• Infecting the bad hackers’ systems with malware,
• Launching DDoS attacks,
• Using tools to gain remote access to the hacker’s computer to demolish it.
  

In short, red hats are the types of hackers who often choose to take aggressive steps to stop black hat hackers. They’re known to launch full-scale attacks to bring down the bad guys’ servers and destroy their resources.