Series on Information Security -(Weekly) - Part6
Though in day to day language we use the terminology "Hacker" for every kind of hacking activities that takes place but the Hackers community as a whole can be divided into categories. Let us see what these categorize are according to ethics and principles they follow,
a) Black Hat
b) White Hack
c) Grey Hack
d) Hactivist
a) Black Hat Hacker: Black Hat hacker is one that breaks into a system with malicious intent.The intention could be like, to steal, corrupt or destroy the data. The intentions a re clear and hence have criminal mindset. They generally get some kind of benefit out of it such as monetary benefit. These blackhat hackers are also known as crackers. Most of the hackers that we see in the movies (one of them is "Die Hard 4") are Black Hat hackers. Few of the examples of Black Hat hacking are stealing information such as credit card info, Denial of Service (DoS) thereby denying access to legitimate service, gaining unauthorized access to someone's email and reading it to find out crucial information, using someone's identity for personal gains (also known as identity spoofing) etc. Zero day attacks is good examples of Black Hat hackers, where the attacker exploit the vulnerabilities of the system that are recently found, is unknown to others or the exploit may not have fix available.
b) White Hat Hacker : Also known as Ethical Hackers. Generally they are the people who find out and exposes the loopholes in the system so that they can be addressed. They share the information about the issues found with the vendors of the product or to organizations that hired them to find out security issues in their systems.The information could be related to software, hardware,firmware or even with human weakness that they observed while carrying out their job. This helps vendors and organizations to provide updates, patch or methods to close the loopholes in the product or system. They basically use their skills and knowledge so as to protect systems from being misused and provides services to the companies that needs skilled people to find vulnerabilities and protect their infrastructure. Also may provide services to the organizations who are keen to understand the security posture of their organization.They provide such information by conducting tests such as as Penetration testing. However there are some genuine issues associated to Pen Testing such as Legal issues and loss of data.
c) Grey Hat Hacker: A Grey Hat hacker is someone who falls under the category between Black Hat and White Hat hackers. He uses his skills for legal purpose such as assisting security agencies. He also does some illegal acts for his personal satisfaction or to prove himself. He may not hack systems for any monetary gains. However it is difficult to draw a clear line for these type of hackers and that is why they are known as Grey Hat hackers.
d) Hactivist: It is an act of cracking into a system for social or political cause or reasons. The goal of hactivism is to bring something to everyone's notice by disrupting the services or sending some message that everyone will read so that their views are getting heard by a community at large so as to achieve a political goal. This is generally done by group of people or by one country against other. One of the examples of Hactivism is Nike.com was “hijacked” and visitors were redirected to an Australian labor rights site.There is a group that is very famous/infamous for such activities called as "Anonymous". They basically works on the ideology of "Freedom of Speech". When Julian Assange from Wikileaks was arrested, this group provided its support to Julian and targeted PayPal, VISA and MasterCard sites and forced them to be down.
a) Black Hat
b) White Hack
c) Grey Hack
d) Hactivist
a) Black Hat Hacker: Black Hat hacker is one that breaks into a system with malicious intent.The intention could be like, to steal, corrupt or destroy the data. The intentions a re clear and hence have criminal mindset. They generally get some kind of benefit out of it such as monetary benefit. These blackhat hackers are also known as crackers. Most of the hackers that we see in the movies (one of them is "Die Hard 4") are Black Hat hackers. Few of the examples of Black Hat hacking are stealing information such as credit card info, Denial of Service (DoS) thereby denying access to legitimate service, gaining unauthorized access to someone's email and reading it to find out crucial information, using someone's identity for personal gains (also known as identity spoofing) etc. Zero day attacks is good examples of Black Hat hackers, where the attacker exploit the vulnerabilities of the system that are recently found, is unknown to others or the exploit may not have fix available.
b) White Hat Hacker : Also known as Ethical Hackers. Generally they are the people who find out and exposes the loopholes in the system so that they can be addressed. They share the information about the issues found with the vendors of the product or to organizations that hired them to find out security issues in their systems.The information could be related to software, hardware,firmware or even with human weakness that they observed while carrying out their job. This helps vendors and organizations to provide updates, patch or methods to close the loopholes in the product or system. They basically use their skills and knowledge so as to protect systems from being misused and provides services to the companies that needs skilled people to find vulnerabilities and protect their infrastructure. Also may provide services to the organizations who are keen to understand the security posture of their organization.They provide such information by conducting tests such as as Penetration testing. However there are some genuine issues associated to Pen Testing such as Legal issues and loss of data.
c) Grey Hat Hacker: A Grey Hat hacker is someone who falls under the category between Black Hat and White Hat hackers. He uses his skills for legal purpose such as assisting security agencies. He also does some illegal acts for his personal satisfaction or to prove himself. He may not hack systems for any monetary gains. However it is difficult to draw a clear line for these type of hackers and that is why they are known as Grey Hat hackers.
d) Hactivist: It is an act of cracking into a system for social or political cause or reasons. The goal of hactivism is to bring something to everyone's notice by disrupting the services or sending some message that everyone will read so that their views are getting heard by a community at large so as to achieve a political goal. This is generally done by group of people or by one country against other. One of the examples of Hactivism is Nike.com was “hijacked” and visitors were redirected to an Australian labor rights site.There is a group that is very famous/infamous for such activities called as "Anonymous". They basically works on the ideology of "Freedom of Speech". When Julian Assange from Wikileaks was arrested, this group provided its support to Julian and targeted PayPal, VISA and MasterCard sites and forced them to be down.
Replies
You are reading an archived discussion.
Related Posts
Hi CEans,
Been a while since I posted here. I'm currently working on LoRaWAN (a LPWAN technology) in Malaysia. Did a quick search on CE and a bit surprised there...
Forty years after inventing battery chemistries that have touched the lives of billions, John Goodenough (95 years and going strong)is still on a mission.
At 95, John Goodenough Is Still...
CEan Anand Madanagopalan on the cover page story on Forbes India:
The life in tech | Forbes India
Smart valve train technology could breathe new life into internal combustion engine
The top scorers of the Simple Math Quiz conducted on Quizzr are as follows. Congratulations to everyone who appeared in the top 10! 😀