Fidelity National Financial - Fraud Insights - NOT all hackers wear the same color hat

"Hacker," to a non–technical or computer–savvy person, generally has a horrible meaning. News outlets report crimes — such as identity theft, data breaches and credit card theft — as perpetrated by the evil hackers.

The ways in which hackers commit the theft or generally cause mayhem is many times ingenious, such as loading malicious software onto credit card point of sale machines to lift credit card data and send it to a cybercriminal or breaking into one of the largest credit companies. Often, the victims are unaware they are being victimized.

The impressive heists beg the question, "What if hackers used their abilities for good?" In fact, many hackers do apply their abilities for the greater good and it is the reason "hacker," within the tech industry, does not always refer to a criminal. Instead, it depends on the color of the hat they wear.

To differentiate hackers, good and bad, they are lumped into categories of hat color: black hat, white hat and grey hat. This is a throwback to the spaghetti westerns where the good guy wore a pristine white hat and his adversary, the "baddie," wore a black hat.

Black Hat Hackers
Black hat hackers, or "black hats," widely called "threat actors," are the most notable variety of hackers. These are the criminals making the news by illegally hacking into credit card data bases or obtaining personal information to sell. Many also look for system vulnerabilities, which they sell to other black hats. The news today is filled with stories such as these, but black hats are not just in it for the profit.

Many black hats hack to send a political or social message by shutting down or modifying websites. Others do it for no purpose — just to cause mayhem and disruption.

The motivations behind the black hats can widely vary. Whatever their intentions are, they do have commonality in that the actions are illegal and not done with the purpose of benefiting the victims.

News and media most often just refer to them generally as "hackers" and do not differentiate. Hackers are portrayed as the common stereotype of the nefarious criminal victimizing innocent companies and persons. We have all seen some version of the person in the black ski mask at a computer.

White Hat Hackers
All hackers, however, are not motivated to cause harm and disruption. Many hackers look to improve and protect our security on the internet. These are referred to as white hat hackers, or "white hats." Their intentions are not to exploit vulnerabilities, but instead to find and fix them. These types of hackers may also be referred to as "vulnerability or penetration actors."

Many times, white hats are employed by companies to act as if they were black hats and gain access to or disrupt a computer system. Then, if issues are found, create fixes or security patches to prevent a black hat from using it for harm.

The intentions of white hats are to use their talents for good instead of evil. White hats are hired and given express permission to try and compromise an organization's system or data. The ability of white hats to carry out preemptive attacks helps to assess an organization's ability to protect themselves from more unscrupulous characters.

Grey Hat Hackers
Unlike in the spaghetti westerns where we know who will win the fight, good and evil in today's world are not as clearly defined. This third color of hat covers the shaded areas between black and white: grey hat hackers or "grey hats." You will sometimes hear these referred to as "security researchers."

Grey hat hackers may be looking to help a company but may not have the permissions that white hats are granted. Often, grey hats look for a company's vulnerabilities — without their consent. When found, the grey hat generally reaches out to the company offering either the information or a fix to the vulnerability — usually for a fee, or "bug bounty."

If a fee is refused, some grey hats may do nothing; others may take a step in the black hat direction. The requested fee may be more along the lines of extortion. If the grey hat hackers are not paid — they may threaten to sell the information to a black hat or even victimize the company themselves.

It is important to note the differences, as not all hackers are the bad guys. Instead, many are on the lookout to make our growing online presence a secure one. Hopefully in the future, more hackers will decide to don the white hat and not the black hat, but until then the high–noon showdowns on Main Street will continue.

Article provided by contributing author:
Scott Cummins, Advisory Director
Fidelity National Title Group
National Escrow Administration