Pick a Hat

--Originally published at Computer and Information Security


Whenever we hear the word hacker one word comes to our minds “CRIMINAL”, but we could be wrong. The definition of hacker is controversial and it could mean either someone who steals information or a skilled developer working for a great company.

There are tree terms to classify the hackers based on their behavior: black-hat, white-hat and gray-hat hackers.

Black-hat hackers are the type of hacker everyone has heard of. The ones who violate computer security for personal gain. The activities these hackers perform go from stealing credit card numbers to collecting personal data for sale to identity thieves. Black hats represent the stereotype that hackers are criminals performing illegal activities and attacking others.

White-hat hackers are the ethical hackers. They are experts in compromising computer security systems but they use their knowledge and abilities for ethical purposes.These hackers may be employed by an organization to attempt to compromise their systems and then report back and inform how the access was gained. Such actions will allow the organization to improve their defenses.

Gray-hat hackers fall between the white hats and the black hats. Gray hats don’t work for their personal gain or to cause damage, but they may technically commit crimes and do unethical things.

Now, lets talk more about ethical hacking.

An ethical hacker is a computer and networking expert who attempts to gain access to a computer system on behalf of its owner. The purpose of this activity is to find vulnerabilities that a malicious hacker could exploit.

Ethical hackers use the same techniques than malicious hackers, but instead of taking advantage of the vulnerabilities, they document them and provide advice on how to fix them. With that done, the organization is able to improve its security.

For hacking to be ethical, the hacker must have the

permission from the owner to probe their network and attempt to identify potential security risks.