Black Hat, White Hat, Gray Hat, Script Kiddies - Who they are?

Read Time:2 Minute, 3 Second

The term hacker often takes on a negative connotation.

In the past, we often focused on the distinction between a hacker, a person with deep security knowledge who explores technologies, systems and related vulnerabilities out of pure passion, and crackers, the “malicious” counterpart, who uses his knowledge to cause damage and steal data. a certain value (for example, credit cards).

RFC1392 provides the following definitions:

hacker
A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular. The term is often misused in a pejorative context, where “cracker” would be the correct term.

cracker
A cracker is an individual who attempts to access computer system without authorization. These individuals are often malicious, as opposed to hackers, and have many means at their disposal for breaking into a system.

Unfortunately, media have never bothered to understand the distinction and, for the masses, there is no difference between crackers and hackers.

In our opinion, here is the correct terminology to be used in the security sector:

Black hats (Crackers)

Crackers, or black hats, have got extraordinary computing skills but they lack ethics. They may violate laws by committing malicious or destructive acts.

Script Kiddies

An unskilled cracker who compromises systems using tools, scripts and software developed by others.

White Hats (Ethical Hacker)

An individual who uses his hacking skill for defensive purposes.

They analyse computer systems or networks to detect security issues and give recommendations for improvement to their owners.

A white hat will penetrate a system only with the authorisation and upon request of the infrastructure owner.

Gray Hats

Gray hats use their skills both offensively and defensively.

They often look for system vulnerabilities without the permission or knowledge of the owner. If they find a security issue, they may reveal it to the owner upon the payment of a small fee. Sometimes, their ultimate goal is to show their skills and create awareness about the intrinsic insecurity of the Internet.

It may be useful to know some additional terms. State-sponsored hackers are employed by the government to penetrate other government systems to damage or gain top-secret information. You have surely heard about Cyber Terrorists, individuals moved by political or religious beliefs to create fear among civilians and influence the policy of the targeted governments.

Inblack hat, cracker, gray hat, hacker, script kiddies, white hat

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Friday Squid Blogging: Sunscreen from Squid Pigments

Compromising the Secure Boot Process

Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

Hacktivists Claim Leak of CrowdStrike Threat Intelligence

CrowdStrike Falcon Outage Exploited for Social Engineering

Despite Bans, AI Code Tools Widespread in Organizations

North Korean Hackers Target Critical Infrastructure for Military Gain

The CrowdStrike Outage and Market-Driven Brittleness

Black Hat, White Hat, Gray Hat, Script Kiddies – Who they are?

Black hats (Crackers)

Script Kiddies

White Hats (Ethical Hacker)

Gray Hats

Leave a Reply Cancel reply

CVE-2021-33621: A Critical Security Vulnerability in Ruby’s CGI

Understanding and Mitigating the CVE-2022-41741 Vulnerability in NGINX

The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them

ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows

CVE-2020-36518: A Critical Vulnerability in SolarWinds Orion Platform

Uncovering ZDI-22-1021: A Critical Zero-Day Vulnerability in Google Chrome