Pagoda Blog

In a time of escalating cybersecurity threats, we’re quick to label all hackers as criminals with malicious intent. After all, hackers are the ones who steal our passwords, compromise our data, and drain the savings from our bank accounts. Right? It’s true, some are guilty of all these crimes, but there are other hackers with noble intentions who are actually protecting society rather than trying to destroy it. So, who exactly are these well intentioned hackers and what is their role in the cybersecurity landscape?  

 

Those hackers who aren’t simply launching malicious cyberattacks for personal gain are referred to as white hat hackers, ethical hackers, or hacktivists. They can actually play an important role in society, as protectors of the public good, ensuring governments and companies don’t abuse their power. Some also help those same entities build strong defenses against the ‘bad’ hackers we spend so much energy protecting ourselves against.

 

These white hackers are also more commonplace than you might think. Lately, a prominent political figure from Texas was outed as a past member of the oldest group of computer hacktivists in U.S. history. KnowBe4, the cybersecurity training software we recommend to clients, offers workshops with Kevin Mitnick who was ‘The World’s Most Wanted Hacker’ in the mid-nineties.

 

There are plenty of examples of white hackers (some of whom, like Mitnick, once wore the black hacker hat), and some are even touted as the unsung heroes of cybersecurity and public safety. So what exactly is ethical hacking and how does a hacker earn the label of a white hat or ethical hacker?

 

 

What is an Ethical Hacker or White Hat Hacker?

Ethical hacking is the practice of revealing the cybersecurity weaknesses of a system with the intention of helping the owner of that system secure it. For example, many white hat or ethical hackers are employed by large corporations. Their job responsibilities include hacking into the company’s network to expose flaws and present the company with a cybersecurity solution. The white hat hacker’s goal is to repair any flaws before a black hat hacker exploits them. Kevin Mitnick, for example, conducts ethical hacking through KnowBe4 and as a consultant for Fortune 500 companies seeking his insight into their networks’ security flaws.  

 

What is Hacktivism?

Hacktivism is slightly different than ethical hacking. A hacktivist isn’t employed by a company or government. They act on their own or as part of an organized hacker group. Their aim is to bring attention to political or social causes often by exposing private data to the public. In his youth, presidential hopeful Beto O’Rourke belonged to a group called the Cult of the Dead Cow (CDC). The CDC is the oldest group of computer hacktivists in U.S. history and is credited with coining the term ‘hacktivism.’ As a teen, O’Rourke was an active member of the group but mainly used his connections to hack into video game software so he could play the games for free.

 

True ‘hacktivists’ use their programming know-how to launch cyberattacks against governments, corporations, drug dealers, and other groups they believe have otherwise escaped justice. One example here in the U.S. was a cyberattack against the state of Michigan’s main website to draw attention to the Flint water crisis. Sometimes the hackers simply freeze the server temporarily to make a statement or they may add code to the website to display a written message or video that highlights the particular injustice they’re protesting through the attack.

 

Although hacktivists mostly consider their work as a form of peaceful protest, the government views it differently. Hacktivism is considered to be a form of criminal trespassing and is expressly against the law. This brings us to the grey area of hacking …  

 

The Difference Between White, Black, and Grey Hat Hackers

It’s important to note that the practice of hacking is only illegal if the hacker does not have permission from the system or network’s owner. As we explained above, white hackers are actually employed by governments or corporations to try and bypass security measures in order to reveal vulnerabilities in the system. At the opposite end of the spectrum are the black hat hackers. This type of hacker breaks into and compromises a system, without the owner’s permission, for financial gain.

 

In between these ‘good’ and ‘bad’ hackers are the grey hat hackers. These may be individuals who hack into a system without permission but then report their findings to the victim. They may then request a fee to fix the issue for that company or, more rarely, they just view it as a public service. Hacktivists can also fall under this grey hat category because their work can both benefit the public good but also disrupt necessary public services.   

 

The main takeaway is that although we generally use the word ‘hacker’ to refer to a criminal with malicious intent, not all hackers deserve the bad rap. As a small business, your team may benefit greatly from the security awareness training program created by black hat turned white hat hacker, Kevin Mitnick. In fact, we believe every business should go through this type of training to ensure that every team member is playing an active role in protecting your company data.

 

For more information on cybersecurity training for your team, check out this blog post or get in touch for a free consultation.

 

Related Posts:

 

How to Strengthen Your Weakest Cybersecurity Link

WordPress Security Tips to Protect Your Website From Hackers

What is the Dark Web and How Does it Affect Your Business?

 

Want to get more posts like these once a month in your inbox? Sign up for the Pagoda newsletter and sharpen your technical skills, from cybersecurity to digital marketing.

 

 

Want IT to serve you better?

 

 

 

_________________________________________________________________________________________________________________________________

 

About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation.