View Feed
group-icon
Coffee Room
Discuss anything here - everything that you wish to discuss with fellow engineers.
12914 Members
Join this group to post and comment.
Rahul Jamgade
Rahul Jamgade • Jan 18, 2018

Series on Information Security -(Weekly) - Part6

Though in day to day language we use the terminology "Hacker" for every kind of hacking activities that takes place but the Hackers community as a whole can be divided into categories. Let us see what these categorize are according to ethics and principles they follow,

a) Black Hat
b) White Hack
c) Grey Hack
d) Hactivist

a) Black Hat Hacker: Black Hat hacker is one that breaks into a system with malicious intent.The intention could be like, to steal, corrupt or destroy the data. The intentions a re clear and hence have criminal mindset. They generally get some kind of benefit out of it such as monetary benefit. These blackhat hackers are also known as crackers. Most of the hackers that we see in the movies (one of them is "Die Hard 4") are Black Hat hackers. Few of the examples of Black Hat hacking are stealing information such as credit card info, Denial of Service (DoS) thereby denying access to legitimate service, gaining unauthorized access to someone's email and reading it to find out crucial information, using someone's identity for personal gains (also known as identity spoofing) etc. Zero day attacks is good examples of Black Hat hackers, where the attacker exploit the vulnerabilities of the system that are recently found, is unknown to others or the exploit may not have fix available.

b) White Hat Hacker : Also known as Ethical Hackers. Generally they are the people who find out and exposes the loopholes in the system so that they can be addressed. They share the information about the issues found with the vendors of the product or to organizations that hired them to find out security issues in their systems.The information could be related to software, hardware,firmware or even with human weakness that they observed while carrying out their job. This helps vendors and organizations to provide updates, patch or methods to close the loopholes in the product or system. They basically use their skills and knowledge so as to protect systems from being misused and provides services to the companies that needs skilled people to find vulnerabilities and protect their infrastructure. Also may provide services to the organizations who are keen to understand the security posture of their organization.They provide such information by conducting tests such as as Penetration testing. However there are some genuine issues associated to Pen Testing such as Legal issues and loss of data.

c) Grey Hat Hacker: A Grey Hat hacker is someone who falls under the category between Black Hat and White Hat hackers. He uses his skills for legal purpose such as assisting security agencies. He also does some illegal acts for his personal satisfaction or to prove himself. He may not hack systems for any monetary gains. However it is difficult to draw a clear line for these type of hackers and that is why they are known as Grey Hat hackers.

d) Hactivist: It is an act of cracking into a system for social or political cause or reasons. The goal of hactivism is to bring something to everyone's notice by disrupting the services or sending some message that everyone will read so that their views are getting heard by a community at large so as to achieve a political goal. This is generally done by group of people or by one country against other. One of the examples of Hactivism is Nike.com was “hijacked” and visitors were redirected to an Australian labor rights site.There is a group that is very famous/infamous for such activities called as "Anonymous". They basically works on the ideology of "Freedom of Speech". When Julian Assange from Wikileaks was arrested, this group provided its support to Julian and targeted PayPal, VISA and MasterCard sites and forced them to be down.

Share this content on your social channels -