Let's try a quick exercise. Close your eyes. When you hear the word “hacker,” what do you think about?
A socially awkward Dennis Nedry type, chugging energy drinks while compiling code rapid fire at his garbage-strewn desk? A faceless, shadowy figure all in black à la Elliot Alderson—what Death would look like if he started wearing hoodies?
Thanks to Hollywood, the media, and even American politics, the lone hacker trope is alive and well. The truth is, there are a multitude of personas that represent hackers, with an equally diverse set of agendas.
Let’s take a closer look to find out who hackers really are.
History of the word “hacker”The verb “hack” first appeared in the English language at the turn of the 13th century. Its original meaning was to cut with heavy blows in an irregular fashion. The first time “hack” was used in relation to technology was in the 1950s at the Massachusetts Institute of Technology (MIT), where hacking meant working on a tech problem in a different, more creative way; to differ from instructions included in a manual, for example. In this way, hacking had fairly positive connotations.
But soon a different, darker definition would take hold. (One that better aligns with the definition of “hackney,” which refers to a person who does undistinguished work.) In the 1960s at MIT, popular opinion divided computing students into two groups: the “tools” who showed up to class every day, studied hard, and got As, and the “hacks” who ditched class, slept in, and spent their nights passionately pursuing recreational hobbies and activities.
By the 1970s, “hacker” had morphed into someone who lives and breathes computers, one who enthusiastically or even obsessively enjoys programming, and who can get a computer to do anything. According to The Jargon File, a glossary for computer programmers that was created in 1975, it also could mean “a malicious meddler who tries to discover sensitive information by poking around.”
Thus the ground was laid for dueling definitions of a hacker. But as the term entered popular lexicon in the 1990s, it was the malicious meaning that took hold. Today, the most popular definition of “hacker” is a person who uses computers to gain unauthorized access to systems or data.
Hackers wear many hatsThose in tech circles often describe hackers as belonging to one of three categories: white hat, black hat, or gray hat. In the most basic of descriptions, the white hats are the good guys, the black hats are the bad guys, and the gray hats are neutral.
White hats are considered ethical hackers. They’re experts in compromising computer systems, and they use their skills to help protect users and networks from a criminal breach. In fact, we employ quite a few white hat hackers here at Malwarebytes. White hats often work as security researchers or malware analysts, testing systems and software programs for vulnerabilities, and identifying weaknesses in companies’ infrastructures that could be exploited and/or infected. Their work is legal, sanctioned, and compensated (sometimes handsomely).
Black hats are at the other end of the hacking spectrum. They’ll use a similar skill set as white hats, but their intentions are not to protect systems. Instead, they look to cause damage to their targets, whether that’s stealing personal data for monetary gain or coordinating attacks on businesses for revenge. Black hats’ criminal activity ranges from targeting individuals for state-sponsored espionage to widespread corporate breaches, and their efforts may be conducted from outside an organization or embedded within as an insider threat.
Finally, gray hats occupy the vast realm in between good and evil. They may not be trying to cause intentional harm, but they might also be operating outside the law. They might identify as cybervandals or perhaps they’re rogue researchers, publicly announcing vulnerabilities to bring attention to a problem. For example, a gray hat could compromise a system without an organization’s permission, but then inform the organization after the fact in order to help them fix the problem. Gray hats often sell security vulnerabilities to government agencies, companies, or the military—as was the case for the hacker who found the flaw in the San Bernadino terrorist’s iPhone and sold it to the FBI.
50 shades of hackersBetween the most altruistically-motivated white hat to the deeply-sinister black hat, there is a wide range of hacker personas, each guided by the intentions behind their hacking. In fact, it’s fair to say that there are as many types of hackers are there are professional and personal motivations. However, in the white hat world, boundaries are more clear cut. Hacking is usually pursued as a profession instead of a recreation. Gray hats wade in much murkier waters. Their agenda isn’t always malicious, but their means are less than legal. But it’s within the black hat subculture where the greatest diversity exists.
Black hats might also be called cybercriminals or threat actors, as umbrella terms. Within that umbrella, a large portion of criminal hacking activity is motivated by financial gain. Cybercrime is a billion-dollar business and growing. In fact, the more talented hackers profit from not only targeting businesses and individuals, but also selling their tools to less technically capable crooks (aka “script kiddies”)—whether that’s ransomware-as-a-service or exploit kits for hire. Global dummy corporations have cropped up in order to deliver bloatware and other questionable programs. These aren’t lonely adolescents sitting in mom and dad’s basement. If you need a mental image, think less Hackers and more American Psycho.
Another type of cybercriminal, called a hacktivist, is more politically motivated than financially. The primary intent of a hacktivist is to bring public attention to a matter, whether that’s by embarrassing their targets or disrupting their operations. Two of the most common ways hacktivists do this are by stealing sensitive information and exposing it, as in the Ashley Madison breach, or launching a denial of service (DDoS) attack that overloads and crashes an organization’s servers, effectively shutting down public access to its website.
At the deep end of the dark side of hacking are state-sponsored attackers. State-sponsored hacking is government-approved (though not publicly), whether via cyberespionage or large-scale breach. Growing evidence points to both China and Russia as major offenders, including attacks on the Democratic National Committee and attempts to interfere with the 2016 election. Even the United States has gotten its hands dirty.
At the tip of this evil pyramid are cyberterrorists, who are also often state-sponsored, but whose intentions are to strike fear into the hearts and minds of the public. Cyberterrorism is the politically motivated use of computers and information technology to cause widespread distress and disruption. It has the potential for crippling critical infrastructure, military, and national security, as well as destabilizing the financial sector. Cyberterrorists look for more than financial gain, and the results of their efforts put lives at stake. If you’re looking for the real monsters, look no further.
Yet, despite the multitude of malicious hackers, the truth remains that the root of hacking is not in evil. And the stereotypes that persist are wrong on multiple levels. Not only do they cast a fully negative light on hackers who make their life’s work protecting others, but they also severely underestimate the nefarious capabilities of those who seek to profit at the cost of others—no matter how high.
Ultimately, hacking has just as much to do with developing creative solutions to technical problems as it does with compromising data. It all comes down to intentions. Ethical hacking can improve the security of programs, whereas malicious hacking seeks to undermine data integrity. It’s why people hack that shapes the nature of their being.