What is Hacking?
We speak of “hacking” when someone who’s not authorized tries to access or take control of someone else’s system or computer. This doesn’t always have to be technically complex: even guessing someone’s password is considered hacking by some authorities. After all, you gain access to someone else’s computer, files, or account without permission. Yet the typical idea that people tend to have of hacking is that it involves a computer nerd using advanced software to crack someone’s online bank account, for example. While this is certainly considered hacking, it isn’t the only way in which hacking takes place. Well-known kinds of cybercrime such as phishing and the distribution of malware are often referred to as hacking as well. This is because the aim is usually to gain access to other people’s data.
What is a Hacker?
A hacker is someone who accesses data without authorization by circumventing the safety measures in place. Originally, a “hacker” is someone with a lot of technical knowledge of computers and computer networks who solves a computer-related problem in a non-conventional way. The “hacker culture” started around 1960 with programmers “messing around” with hardware and software.
Is Hacking Illegal?
If the act of hacking happens without the consent of the person or company owning the data, hacking is illegal. It doesn’t matter whether or not a hacker does something with the data gained from the hack, the act itself is not allowed. If a hacker does get permission from the owner of the data, then hacking isn’t necessarily illegal. This is more commonly referred to as “ethical hacking“. The goal of ethical hacking is to discover and fix vulnerabilities in a system before a malicious hacker finds and exploits those same vulnerabilities for criminal purposes.
Which Types of Hackers Are There?
We’ve already discussed the difference between ethical hackers and non-ethical hackers (also called black hat hackers). However, these aren’t the only kinds of hackers out there. Usually, a distinction is made between black hat, white hat, and grey hat hackers.
What Are Black Hat Hackers?
Black hat hackers are hackers who break into someone else’s systems without permission. These are the stereotypical hackers that people tend to think of when they hear the word “hacking”. These hackers crack the security of computers, servers, and networks for personal (usually financial) gain. These hackers are sometimes referred to as so-called “crackers” because they “crack” someone else’s system. Once a black hat hacker has found a weakness, they usually try to make money off of it in a variety of ways:
Blackmailing: the hacker might use the data to extort the victim. Selling the knowledge of vulnerabilities to other hackers: a black hat hacker might sell the knowledge they’ve gained of these vulnerabilities to other hackers so they can abuse this information. Selling the actual data to others: the black hat hacker might sell the hacked data to others. For example, they could sell a database full of leaked credit card information to a willing buyer. A lot of illegally obtained personal information is offered for sale on the dark web.
There are many different kinds of malware that help hackers virtually take over someone else’s system or computer. The installation of this software is already considered “hacking” by some. Some common types of malware are:
Spyware: spying software to gain insight into files (and passwords) of others. Ransomware: software that allows a hacker to lock down someone’s system or computer and then offer to unlock it for a fee. Universities and hospitals are often the victims of this type of malware. Keyloggers: software that keeps track of the keys you press on your keyboard. This might be used to figure out your passwords and gain access to your accounts. Adware: software that floods the victim’s device with advertisements and pop-ups. Bots: a bot is a type of malware that allows a hacker to take over someone else’s computer. These bots are often spread using computer worms. If a system is infected with a bot, it becomes part of a botnet and can be used to make it perform certain actions. The system might be used to send spam emails, spread viruses, visit sites that the owner doesn’t want to visit, or carry out so-called DDoS attacks.
As you can see, black hat hackers have a lot of resources to crack and abuse systems. But fortunately, there are also hackers who are committed to securing systems: white hat hackers.
What Are White Hat Hackers?
White hat hackers only attempt to break into another person’s system with explicit permission. A white hat hacker (often referred to as “ethical hacker”) is a computer security specialist. White hat hackers often use the same techniques to break into computers and networks as black hat hackers. The major difference is that white hat hackers want to improve a system’s security instead of abusing it. White hat hackers hack from an ethical perspective. By breaking into secure computers and networks with permission, white hat hackers try to detect security flaws. They then help to find a solution to patch the leak and improve security. The intention of white hat hackers is to detect weaknesses in IT infrastructure before malicious black hat hackers can exploit these vulnerabilities. Many systems and networks that must meet the highest security standards are subjected to tests performed by ethical hackers. These tests are also known as pen tests, short for penetration tests. In a pen test, hackers try to (virtually) penetrate security systems. The findings of these tests are used to patch security leaks. Once a system is deemed safe enough to use, it gets approved. Even the government employs hackers, usually referred to as state-sponsored hackers. Large consulting firms also employ white hat hackers to check a company’s ICT infrastructure for potential security vulnerabilities. In short, the major difference between black hat hackers and white hat hackers is that white hat hackers are on the good side of the law. They have explicit permission to try to and crack a system, with the intention of improving its security. There’s also a third category of hackers: grey hat hackers.
What Are Grey Hat Hackers?
Grey hat hackers take a slightly more lenient approach to the rules than white hat hackers. Often, grey hat hackers break into systems without having been given permission beforehand, usually out of interest or curiosity. However, if they find any vulnerabilities, they do not exploit them. They either do nothing with it, tell the involved organization about it for free, or try to get a small financial compensation for discovering a vulnerability, although not all companies appreciate this. These kinds of practices have led to several damage claims against grey hat hackers in the past. A grey hat hacker can be seen as the middle ground between the black hat hacker and the white hat hacker. The hacker tries to break into a system without permission (like a black hat hacker), but will not do anything with the acquired information or will bring this leak to the attention of the organization that was hacked (like a white hat hacker). Nowadays, some companies have started “bug bounty programs“. These programs allow users (or ethical hackers) to report vulnerabilities or bugs in a system to the company in exchange for a small reward. This way, the company doesn’t need to specifically hire someone to crack the system, but still rewards hackers in case they find a security problem or bug. These programs could be considered supportive of grey hat hacking.
Other Types of Hackers
Most hackers fit in one of the categories mentioned above. However, sometimes people include other types of hackers such as:
Script kiddies: amateur (mostly juvenile) hackers that use scripts made by other hackers in order to make themselves look cool. Green hat hackers: hackers that are new to the field of hacking but don’t have bad motives. Blue hat hackers: hackers that use hacking as a weapon to get back at others. Red hat hackers: hackers that are similar to white hat hackers in that they have the intention to stop black hat hacking. The difference being that red hat hackers go after black hat hackers, instead of just trying to patch security leaks (like vigilantes).
Tips to Protect Yourself From Hackers
Because there are many ways to get hacked, it’s important to properly protect your accounts, systems, devices, internet connection, and files from hackers. Here are some tips to make sure that the chances of you being hacked are as slim as possible:
How Do You Know Whether You’ve Been Hacked?
It can be tricky to figure out whether you’ve been hacked or not. Certain kinds of hacks are more visible than others. For example, if you can’t log into your Facebook account anymore, even though you’re sure you entered your password correctly, it’s pretty likely that you’ve been hacked. If your personal data has been leaked, it’s often less obvious. These are some of the signs that you might’ve been hacked:
You can’t log in anymore, even though you’re sure you entered the right password. Your computer or smartphone is suddenly very slow. Your smartphone’s battery is draining fast. You get an email notification that someone has tried to log into your account from a location you’ve never been to. Your device suddenly gets flooded with pop-ups (this is probably caused by adware). Your friends or family get emails or messages from your account, even though you didn’t send anything yourself. Files on your computer (or your entire computer) are suddenly encrypted and inaccessible (this is probably ransomware). Certain apps or processes on your computer are using an absurd amount of processing power. You can check this in “task manager”.
If you are suffering from one or more of these aforementioned signs, it’s probably a good idea to do some more research and determine whether you’ve been hacked or not. You can use the site “Have I Been Pwned“ to check whether your email address has been leaked in reported data leaks, for example. Keep in mind that these signs only suggest you might be hacked. There’s still a possibility that something else is amiss, for example when Caps Lock is turned on (in case of wrongfully entered passwords) or when you’re working with older hardware (in case of a slow device or quickly draining battery). If you aren’t sure whether you’ve actually become victim of a hack, you can ask the site where you have your possibly hacked account for help, consult a computer expert, or research your problem using a search engine such as Google.
What To Do When Hacked?
If you’ve been hacked, it’s important to stay calm. There are many ways to get hacked and each requires a different response. It’s always a good idea to determine what kind of hack you’re dealing with and respond appropriately. A great resource is the FBI’s site on cybercrime, they also have a site where you can file a complaint regarding cybercrime here. Some general tips for when you’ve been hacked are:
Scan for viruses with your antivirus software. Change your passwords. Both on the site where you were hacked, and on other sites. Start with your email, as a lot of accounts are linked to that. Update your device and software. Contact the site where you were hacked. This way they’re informed and can also help you. Block your credit card or bank card in case of a financial breach. Contact friends and family. This way, if they are contacted by the hacker, they know it’s not you and won’t fall for any tricks.
For more information on how to keep your device safe, check out the articles below:
How to Know If Your Computer is Being Monitored Mobile Spyware: How to Tell If Your Phone Is Being Monitored Hacked Webcam: Who Could Be Watching You?
Read more about hacking here. Even guessing someone else’s password can be considered hacking. Read more about hackers here.
Black hat hackers White hat hackers Grey hat hackers Script kiddies Green hat hackers Blue hat hackers Red hat hackers
The most common types are black hat, white hat, and grey hat hackers. All the other hackers can usually be categorized within those three categories and are less frequently used.
Stay aware of online dangers Update your devices and software regularly Use good antivirus software Use strong passwords Enable two-factor authentication Be careful when clicking on links in chat messages or emails Avoid public Wi-Fi Don’t visit unsafe sites or download unsafe software Use a VPN