Hacking is a growing problem both in Denmark and in the rest of the world. Hackers operate behind hacking, but not all hackers are criminals.
What defines a hacker?
Although most people imagine someone carrying out illegal hacking attacks when they hear the word "hacker", a hacker is actually just someone who uses computer programming or other technical skills to solve a problem or optimise a program.
The term "hacker" has gone through an evolution historically. Originally, the term was used in a positive way as it described someone who displayed a high degree of skill and creativity in their approach to technical problems.
The term "hacker" was first used in the 1960s to describe a person who, at a time when most people had limited skills when it came to computers, could increase the efficiency of computer programs or make computer programs perform tasks they were not originally capable of.
The term has evolved over the years to refer to someone with an advanced understanding of computers, networking, programming or hardware. In addition, the term is most often used to refer to individuals who perform illegal acts.
The different types of hackers
Generally speaking, there are three types of hacker. They are called white hat hackers, grey hat hackers and black hat hackers. These descriptions come from the English terms (white hat, grey hat and black hat hackers). The three categories are defined by the colour of the "hat" the hacker wears when hacking.
The hats worn by the different types of hackers refer to the hacker's purpose and motivation. The metaphors of hats come from old American western movies, where the bad guys always wore black hats and the heroes always wore white hats.
White hat hackers
White hat hackers are also called ethical hackers. This type of hacker uses their hacking skills and knowledge for good. They use their skills to find security holes and test IT systems for companies, organisations or governments.
In other words, the hacker is hired to test a company's IT security and find vulnerabilities in their systems. Typically, they can also offer help to companies and program security solutions. A white hat hacker is used as an indirect defence against other, criminal hackers.
Ethical hackers are one reason why larger organisations, governments and businesses typically experience less downtime and fewer problems with their websites. Most criminal hackers are aware that it is more difficult to hack into systems operated by large companies than those used by smaller companies, which are unlikely to have the resources to hire ethical hackers.
Some ethical hackers use penetration tests that focus specifically on identifying vulnerabilities in IT systems. All rights to data, files and systems remain with companies, but ethical hackers gain access to them.
Blue hat hackers are very similar to white hat hackers because they largely do the same work for companies. Blue hat hackers also test the security systems of large companies or organisations. The difference between them and white hat hackers is that blue hat hackers are outsourced from other companies, while white hat hackers are usually permanent employees of the companies they work for.
Black hat hackers
Black hat hackers are the type of hacker most people associate with the term "hacker". These are hackers who illegally hack businesses and individuals and carry out cyber attacks such as:
- Data theft
- Spread of different types of malware
- Online espionage
- Ransomware attacks
- DDoS attacks
In the past, this category of IT savvy was called "crackers" to distinguish them from legitimate hackers. A black hat hacker's motive is typically financial in nature.
Grey hat hackers
Grey hat hackers are a bit of a mix of white hat and black hat hackers. Grey hat hackers typically carry out illegal hacking attacks as they force their way into companies' IT systems without permission. If they find vulnerabilities, they notify the company and typically offer their help to fix the problems.
Often, the grey hat hacker's aim is to show off their skills and attract attention and recognition. Their intent is good, but their way of finding vulnerabilities is usually illegal.
Examples of known hackers
There are now many well-known hackers from the various categories who have achieved a certain status within the hacker community.
One of the most famous black hats is Kevin Mitnick, who was once the world's most wanted cybercriminal by the FBI. He hacked into more than 40 major companies, such as IBM and Pacific Bell, and even the US military's defence system. He now works as a white has.
Other well-known criminal hackers are Michael Calce and Kevin Poulsen.
Famous white hats include Tim Berners-Lee, who is known for inventing the internet. He currently works as the director of the World Wide Web Consortium (W3C), which oversees the development of the Internet.
Another well-known white hat is Greg Hoglund, a computer expert who has contributed a large amount of research in the detection of malware, rootkits and hacking of online games. He previously worked for the US government and several intelligence agencies.
Other categories of hackers
In addition to the hacker types already mentioned, there are several different hacker types worth mentioning.
State-sponsored hackers are hackers who are directly or indirectly employed by the state to protect a nation against cyber attacks from other countries, launch cyber attacks against other countries, obtain information from other countries or spread misinformation in other countries. Many countries, including Denmark, Russia, China and North Korea, use state-sponsored hackers.
This type of hacker is provided with many resources and special tools and can therefore carry out sophisticated cyber attacks.
This group of hackers is engaged in obtaining and spreading information on the Internet about terrorist groups, animal cruelty, totalitarian regimes, unethical corporations and other kinds of classical activism.
These are traditional activists who carry out their protests or activist work online through hacking.
Script kiddies is Europol's term for young, geeky hackers who hack into websites in particular because they find it entertaining. They often know each other from gaming networks and try to impress each other by hacking relatively "easy" targets.
They don't have very good IT skills, so they typically buy ready-made software that does most of the work. Script kiddies is a pejorative term, as established hackers don't consider them real hackers.
Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.