If you’ve been reading with us for a long time, you might remember our post back in May explaining what all the different varieties of hackers do. If you haven’t read it yet, click here and take a look. Since then we’ve had a number of you get in touch to find out more about the more ‘colourful’ hacker hats and what they are all about. A few were even surprised that we are, ourselves, a type of hacker. At Bridewell some of our work takes us into ‘white hat hacker’ territory, and we want to explain a little more about what that means; along with some of the other hacking hats.
Black Hat Hackers
Black hat hackers are the classic definition of a hacker – an aggressive computer user who wilfully breaks into, vandalises or commits theft on other peoples’ networks. ‘Black hat’ is simply the way we refer to their malicious motivations. They are often motivated by greed or revenge, and that fuels their desire to break into other peoples’ networks and wreak havoc. Black hat hackers are often depicted as people sitting in darkened rooms pouring over luminous computer screens, but in reality, a black hat hacker can be anyone with a lot of computer knowledge and is motivated by greed or a grudge. Many black hat hackers make their living defrauding unsuspecting individuals or businesses through various schemes; from cracking systems to spreading malware infections.
Speaking of malware, black hat hackers are also responsible for creating the vast majority of new malware strains. By developing malware that targets specific security weaknesses or loopholes, black hat hackers can gain attempt to access to any system they want, whether it’s the database of a one-man band or the bank account of a multi-million-pound empire. Whenever you see reports of hacking, malware infections or other cyber-attacks in the news, it’s the black hat hackers behind it.
White Hat Hackers
White hat (or ethical) hackers sit on the opposite side of the table to the black hat hackers. Fun fact – the term ‘white hat’ comes from old Western movies, where the cliché was for the ‘good guy’ to wear a white cowboy hat. This type of hacker works closely with businesses and individuals with the aim of keeping them safe online. That can range from removing complex malware from their systems or breaking into protected systems to assess their security.
White hat hackers can be a reformed black hat hacker, those with a passion to help people or simply a computer enthusiast who loves a challenge. Their value is in putting a stop to black hat hackers, reporting any they find, putting them out of action and adding layers of protection to prevent more from gaining access. They can operate as freelancers, or as a business offering their services to professional organisations. For example, at Bridewell, we specialise in helping businesses understand where their digital weaknesses are. We do this using a range of techniques, including Pen testing (or penetration testing) and vulnerability scanning, and use the results to develop hardened security measures to protect your business.
Red Hat Hackers
As we have mentioned before, red hat hackers are very much the vigilantes of the hacker world. They are effectively a mix of white and black hat hackers (not to be confused with grey hat hackers!), in that they stop black hat hacker attacks, but they are downright scary when they do it. Instead of repelling the attack and reporting the black hat hacker involved, red hat hackers will go out of their way to tear down the black hat hacker. If they find a person with malicious intent who has so much as tried a pen test, a red hat hacker will shut them down by uploading viruses, DoSing and accessing their computer to systematically destroy it from the inside out. They use multiple aggressive methods to attack their target, to the point of forcing them to need a new computer.
But beware, the term ‘red hat’ is also commonly used in the Linux world, particularly as the service offered to users to help them understand and even get certified in certain aspects of the Linux environment – so not to be confused with red hat hackers!
At Bridewell Consulting we pride ourselves on upholding the highest standards of ethical hacking. We provide extensive cyber security testing services for businesses of all sizes, giving our clients the opportunity to create a secure foundation for their business to flourish in safety. For more information about the types of security testing we perform at Bridewell, or to book your free consultation, just get in touch with the team today.