Welcome to the movies, everyone! 🍿 Have you ever heard the term white hat or black hat hacker, and wondered what it means?
Well, in this article, you will learn how hackers are classified by comparing them to a Marvel or DC hero that more or less represents them and what they do.
What is a Hacker?
A hacker is an individual who uses their skills to breach cybersecurity defences. In the world of Cybersecurity, hackers are typically classified by a ‘hat’ system. This system likely came from old cowboy film culture where the good characters typically wore white hats and the bad ones wore black hats.
There are 3 major hats in the cyberspace:
- White Hats
- Grey Hats
- Black Hats
However, there are some others that have also cropped up over time such as:
- Green Hats
- Blue Hats
- Red Hats
Let’s dive in and learn what all these different types of hackers do, shall we? 🙃
White Hat Hackers
White hats are just like Marvel’s Captain America 🛡️. No matter the day, time, or age, they always stand up for what’s right and protect civilians and organizations at large by finding and reporting vulnerabilities in systems before the black hats do.
They usually work for organizations and take roles such as a Cybersecurity Engineer, Penetration Tester, Security Analyst, CISO (Chief Information Security Officer), and other security positions.
Under these organizations they perform tasks such as:
- Scanning networks
- Configuring IDSs (Intrusion Detection Systems)
- Ethically hacking computers to find vulnerabilities and report them so they can be addressed
- Programming honeypots (Traps for the attackers 😼)
- Monitoring network activity for suspicious activity
Famous examples of such hackers include:
- Jeff Moss (DEF CON founder)
- Richard Stallman (Founder of the GNU project)
- Tim Burners-Lee (Creator of the World Wide Web)
- Linus Torvalds (Creator of Linux)
- Tsutomu Shimomura (The man that caught Kevin Mitnick)
And if you want to hear more from the founder of a cybersecurity company herself, check out this podcast featuring Rachel Tobac.
Grey Hat Hackers
DCs’ Dark Knight and grey hat hackers have a lot in common 🦇. They both want to stand up for the right thing but use rather unconventional methods to do so.
Grey hat hackers are the balance between white hats and black hats. In contrast to white hats, they do not ask for permission to hack systems but do not perform any other illegal activities like black hat hackers.
Grey hats have quite a controversial history. This makes them hard to really classify, especially if their moral compass goes a little haywire down the line or what they did seems more black hat-ish than white hat-ish. Some even end up in jail for what they do.
But there are some that rise to be the heroes of the people and the enemy of the government and big organizations.
Some (in)famous examples of grey hat hackers are:
- Anonymous (World famous hacktivist group)
- HD Moore (Creator of Metasploit)
- Adrian Lamo (aka the homeless hacker)
- Khalil Shreateh (Hacked the facebook account of Mark Zuckerburg 🤣)
Black Hat Hackers
Time to introduce the harmful lot 🃏. The Joker and Black Hats are like peas in a pod. They perform illegal activities for financial gain, the challenge, or simply for the fun of it.
They look for computers that are vulnerable over the internet, exploit them, and use them to whatever advantage they can.
Black Hats use techniques for getting into systems just like white hats. However, they don’t use their defensive skills – rather, they up their game on the attack by doing things such as:
- Installing backdoors
- Maintaining access to compromised systems
- Performing privilege escalation
- Downloading private/sensitive/intellectual data
- Installing malware such as ransomware
- Creating phishing emails and links
Examples of infamous black hats include:
- Kevin Mitnick (Most wanted cybercriminal in U.S history)
- Julian Assange aka Mendax (Creator of Wikileaks)
- Hamza Bendelladj aka Bx1 (Latter owner of the ZeuS Banking Malware)
- Kevin Poulsen (Dark Dante)
- Robert Tappan Morris (Creator of the morris worm)
Mitnick, Poulsen, and Morris were criminally charged, served their sentences, and are good guys now. Mitnick founded a cybersecurity company. Poulsen created SecureDrop. And Morris became a professor at MIT (Don’t you just love a happy ending? 🤧).
Green Hat Hackers
Ms Marvel and Green hats are a match made in heaven 🌟. They are both young, enthusiastic, inexperienced and have the tendency to take risks and learn from their mistakes. Green hats are hackers that are new to the industry but are willing to learn to become great hackers.
Because of the availability and easy of use of hacking tools these days, it's pretty easy for a green hat to end up in trouble as they may not fully understand the full workings of the tool or target. But, they learn from their errors to gather experience.
Green hats may upgrade to White, Grey, or Black Hat hackers as they continue to move up the ranks.
Blue Hat Hackers
Okay, I know. John Wick isn’t a part of either DC or Marvel but Dynamite Comics’ greatest hitman is a favourite of any fan 🐶.
Mr Wick and Blue hat hackers share the same ideology: Revenge. You kill John Wicks dog, he’ll come after you. You bully or threaten a blue hat, they will also come after you, except it's your digital life on the gallows.
But due to what I can only guess to be cultural differences, a blue hat could also mean an external security professional brought in to test software for vulnerabilities prior to its release.
Red Hat Hackers
I think the character says it all ☠. The Punisher is a ruthless anti-hero that stands up for what is right but is never ever (and I mean ever 😬) going to give criminals second chances.
Red hats are the same. They target cybercriminals and damage whatever they can to disable criminal activities, permanently.
Red hats are hackers no one wants to mess with, not even a black hat. Other hackers usually attack Microsoft Windows computers but these hackers, they hack Linux computers.
They have no regrets, don’t think twice, and make black hats pay rather severely for their crimes by taking justice into their hands. They do this by destroying all data and backups of their target, and usually render the system useless.
And on that terrifying note, we have come to the end of this article. I hope you enjoyed it. And as I always say, Happy hacking! 🙃
Thanks to Chinaza Nwukwa, Holumidey Mercy, Georgina Awani, and my family for the inspiration, support and knowledge used put this post together. You guys are amazing.