A white hat, grey hat or black hat.
These are well known IT terms and all refer to hackers but firstly what is a hacker? A hacker is someone who works at breaking into a computer, website or IT system by getting around the security measures. Any device (phone, computer including servers, tablet) which is online can be subject to hacking.
Once in the hacker then has access to the operating system and or the information on the system. This means they can steal information from the system, change information on the system, deny access to the system or even disable it completely.
So where do the names come from?
You can probably guess that the names reflect the colour of hats worn by cowboys in the old western movies out of the US. Perhaps not so much the grey hat but most of us remember the baddies always wore black hats and the good guys wore white hats. As for grey hats the old cowboy movies weren’t that subtle.
What does a white hat do?
A white hat hacker is often hired by IT security firms or even by companies which produce devices and operating systems to see if they can get past the security. If they are successful, then the developers can fix the security flaw before the product goes live.
However, in reality we know this does not always happen and even the largest corporations have had their products exposed to security flaws after going live. Recent issues with Intel are a case in point but they are not alone.
And those black hats
Now these are the bad guys. They actively seek security flaws so they can steal information or hold corporations or individuals to ransom seeking payment to stop their illegal activities. The information they steal is often sold on the dark web including credit card details and peoples’ identities.
Of course there are some black hats who just hack into systems for the thrill of it all. The joy riders of the online world.
Increasingly, and perhaps most alarmingly governments are employing black hat hackers to hack into foreign countries systems which control utilities, transport etc.
It is worth noting that the older a system or device becomes, the more prone it is to being hacked. Obviously a newer product is a juicier victim as there is some kudos for the hacker to break into a new system and possibly a bigger payoff as well as more people will be using the newer version.
Finally the grey hats
As the colour suggests they are a mix of white and black sitting somewhere in the middle and can either lean towards white or black.
Think of them as freelancers. They will find vulnerabilities in systems and then often report them to the system owner usually asking for a payment for what they have found. The idea is the owner can then correct the issue, hopefully without having to inform their clients and so save damage to their reputations, or if necessary provide a patch for clients to download the fix the issue.
On occasions if the owner of the system does not pay the grey hat might expose the flaw to the public which could cause security issues for the users.
So what is the answer to combating hackers
Unfortunately there is no definitive answer. All you can do is carry out best practice security yourself which includes:
- Installing anti virus software on your computer
- Do not use public WIFI when accessing any site or system which needs a login
- Using strong usernames and passwords which you change regularly and store securely.
In the end there is always a risk but so is driving a car, going on a first date and even breathing runs the risk of inhaling something carcinogenic.