What’s the first thought that comes to mind when you think about hackers? Chances are you’ll picture an individual with a black hoodie, head covered, who’s typing something on a laptop. Add some random numbers actively shifting in the background too and we’ve got the most common representation of hackers. We’ve all seen this image at least once. While it might not impact you now, back when you first saw it (probably when you were a kid), I’m guessing it made you feel at least a bit uneasy. And, considering there’s a phobia describing the fear of being hacked – hacker phobia – it’s safe to say they don’t have the best reputation.
In our last piece, we shared some tips on being cyber-safe and keeping viruses away from your devices. We dived deeper into the origin story behind computer viruses and how they started as a way for programmers to test their code, improve it, or make pranks on their colleagues. Now, we’re moving the focus toward hackers, to see if they’re synonymous with cyber-criminals. Spoiler alert: not all of them are cyber-criminals. Many have the opposite intentions – to keep people safe online by finding security vulnerabilities and reporting them before the actual “bad guys” spot them.
Brief History of Hackers
Whaaaat? Aren’t hackers always the “bad guys” of the internet? Well, some of them are, but many aren’t. Around 60 years ago, MIT became the home of the first hackers. Their job? To improve MIT’s existing programs: make them work faster, better, and smoother. The term’s first public appearance was in 1963, in MIT’s newspaper, The Tech. There you’ll see hackers’ first major accomplishment ever recorded – improving the telecommunication services between MIT and Harvard. On a different note, we have Kevin Poulsen, also known as “Dark Dante”, who, together with a friend, hacked the ARPANET network in 1983. They breached computers from the Stanford Research Institute, a Bay Area think-thank for classified military projects, the Naval Research Laboratory in Washington D.C., and many other public institutions. This would be the first negative “major accomplishment” ever recorded.
In their 60 years of existence, hackers’ reputation has been similar to a good vs evil fight. Think about comic book characters: they get to choose whether to use their powers for good or bad. That’s how we can tell if they’re superheroes or supervillains, right? Yes, only it’s not always a this/that kind of situation. When we’re unsure whether to place a character in the good or bad section, there’s the option to place them in a gray area. An example here would be Deadpool, who alternates between committing good and bad deeds. With hackers, we have highly-skilled individuals who make systems better, break them, and those in the gray area. Let’s see how to categorize them based on their actions:
Types of Hackers
As their tasks, purpose or context can vary a lot, hackers can wear one of the 6 incoming hats. Each category has a defining color, hinting at their type of actions.
They’re the internet’s ethical hackers. They look for vulnerabilities using only legal methods and report them to the system’s owner. White hat hackers contribute to developing and improving a system’s cybersecurity and are (usually) financially compensated after. An example here is the bug bounty program available at several companies. Some examples of such programs are the ones from Google, LinkedIn, Intel, or Apple. For more examples of bug bounty programs, go here or here.
Also known as the ones who maliciously exploit a system’s vulnerabilities. Or the cyber-criminals we all know about. They break into systems for monetary gains, to ruin them, to steal or destroy data, and so on. One of the reasons can also be to just have fun, without a deeper meaning behind it (e.g. Kevin Poulsen, a.k.a. “Dark Dante” didn’t have a reason to break into the ARPANET network).
As the name suggests, they are a merger between white and black hatters. While they will not destroy your system, steal data, or do anything to fully damage systems, they might use more than just the legally-approved methods to break into it. Contrary to black hat hackers, the gray hatted ones don’t look for financial gains, but entertainment or civic justice. There is a subcategory here called hacktivists – they are politically or socially motivated hackers. As the name suggests, they want to expose public problems. But they might break a law or two in the meantime.
Or the ethical hackers who fight back. They’re similar to white hackers, ethically finding vulnerabilities and drawing attention to them. The difference is that they’ll go a bit further than just reporting vulnerabilities. They’ll also attack a black hat hacker’s system, trying to infect their computer with viruses or break into their network to disrupt their computing resources.
Their role has multiple definitions. When they’re “someone outside computer security consulting firms who bug tests a system prior to its launch, looking for exploits so they can be closed” (source), they’re part of the ethical hackers’ spectrum. Also, they can be associated with external security specialists invited by Microsoft to perform bug tests on Windows.
Another definition for blue hatters refers to them as “revenge seekers”. They don’t have motivations such as financial gain, fame, or other similar compensation. Personal revenge is what drives them. They might do things such as breaking into social media or email accounts. Then, they’ll post or send inappropriate messages to harm their target’s reputation (source).
The juniors of the hacking world. Being at the start of their hacking career, they currently lack capabilities but work on learning and improving. Due to being novices, they might be harmful as they’re not yet “ aware of the consequences of their actions — or, worst, how to fix them” (source).
Isn’t it reassuring to know there are good hackers too? It’s not just us against black hatters. We’ve got an army of hackers who use their knowledge to help us stay cyber-safe. They participate in improving systems and networks through various ways, with ethical methods (white hat hackers) and not-so-ethical methods (red hat hackers). If you want to read more about these categories, check out this, this, or this article.
If you’re curious for more on the history of hacking, check out this timeline showcasing its evolution. There’s also the Hacker History podcast that, as its name suggests, dives deeper into the world and history of hacking. And, it also has hackers as guests. Besides these, you can also check the YouTube channel CyberNews – they have a short video that focuses on the history of cybersecurity and hacking and many other videos tackling topics relevant to this domain (from news to interviews, reviews, and deep dives into industry subjects).