What is a hacker?

A hacker is someone who uses his or her advanced computer knowledge to exploit security loopholes in digital devices or software/apps. The term was first used in the early ’80s and slowly grew more widespread. Sci-fi movies and novels also popularized the term and even romanticized it (e.g., through hacker movies like Wargames and Hackers). As our lives become more and more digitized, hackers play a growing, and surprisingly, sometimes amusing role. Explore the lighter side of hacking in our article on the funniest hacks, proving that they too, have a sense of humor.

Hackers do more than just gain unauthorized access to a computer system, using methods like spear phishing or wardriving. Hacker culture also means innovation and creativity. Hackers explore the limitations of software, search for advanced protection solutions, and advocate for internet freedom.

They can work with organizations and companies to improve their security and educate them about different data exfiltration attack techniques. White hat hackers can also be freelancers who fulfill security bounties for cash rewards.

White hats or ethical hackers can also operate as modern-day Robin Hood successors. They could use black-hat techniques to subvert laws or steal from corporations for good means (for example, expose some info useful for public interest, help society, etc.). They can also help companies track down and catch black hatters (for example, by using a honeypot).

There are also blue hat hackers. Software companies hire their hacking techniques to look for software security vulnerabilities before its launch. They do bug tests to find weak spots so developers could fix them. The difference from white-hat hackers is that blue hats are outsourced from external companies. However, they could still be treated as ethical hackers or a sub-group of white hats.

Black hats use their hacking techniques for various illegal and sometimes criminal activities. These include:

• Stealing data, online identities or money;
• Hacking systems for challenge or entertainment;
• Distributing different types of malware;
• Spying on individuals, companies or even countries to obtain confidential data or commit identity theft;
• Cracking software digital rights protection for illegal use;
• Stalking people.

Apart from trying to gain unauthorized access to your system directly, these hackers might also employ social engineering measures for identity theft, or other malicious intent. In this case, you will provide access by clicking on a malicious link or downloading dodgy apps.

Black hat hackers are the type you usually need to look out for. We’ve covered many of their hacking techniques on our blog, including password cracking methods like dictionary attacks and rainbow table attacks. These can include IP fragmentation or the creation of malware or computer viruses.

Script kiddies are hackers who exclusively employ scripts developed by others to carry out digital mischief. Hackers sometimes look down on them, since hackers are usually supposed to be capable of hacking without premade tools or of building their own. However, script kiddies still use real hacking tools, so can still do some damage. Script kiddies are also active in the gaming community.

Grey hat hackers fall somewhere between black and white hats. They usually hack for more pragmatic or selfish purposes, to gain access to your computer system, for instance – rather than for the systematic development of security systems. Grey-hats usually act unethically and illegally, but they don’t engage in the criminal activities that black hat hackers do.

For example, a grey hatter may find a loophole in your system without you hiring him or her, notify you, but only agree to fix it for a certain sum of money. Or they may not report it at all.

Hacktivists (also known as red hat hackers) perform hacks to convey a political, ideological, social, or religious message. They also might expose confidential information for various reasons (e.g., advocating freedom of information, making a statement, etc.). Their hacktivism can also be a part of a broader campaign, and it is usually a continuous process rather than a one-off affair. Some examples of hacktivism include the activities of WikiLeaks, the Anonymous movement, etc.

Also known as “hackers-in-training” green hackers are new to the hacking world and are focused on learning and growing their skills. Quite often, green hat hackers will aspire to mimic cyberattacks carried out by black hat hackers. In effect, green hat hackers have the potential to learn and be conscious of the good they can do in the world – or they can become embroiled in the dark-arts of black hat hacking. Which is never good news.

Commonly (and sometimes unfairly) known as “malicious insider hackers,” these guys are for the people. Whistleblower hackers attack the company they work for to reveal illegal activity, although some whistleblower hackers have acted on a personal grudge with malicious intentions.

Famous whistleblowers include; Edward Snowden (WikiLeaks), John Kopchinski (Pfizer), Cheryl Eckhard (GlaxoSmithKline), and Katherin Gun (British government translator).

Responsible for shining light on the darkest parts of our society, the actions of some whistleblower hackers have helped to revolutionize industry and empower ordinary people.

• Katherine Gun (played by Keira Knightley in the 2019 movie Official Secrets) was a British government translator, who revealed that the US had been eavesdropping on diplomats from other countries. Gun photocopied a US government memo demanding Government Communications Headquarters help sway the UN to back strikes against Iraq in 2003.
• Edward Snowden was an American computer intelligence consultant who leaked highly classified information on the National Security Agency. Snowden revealed how the US government eavesdrop on citizens and in his own words has stated; “I cannot allow the government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they’re secretly building.”
• John Kopchinksi sued Pfizer (the company he worked for) for engaging in the off-label marketing of Bextra, a painkiller, in dangerous doses for unapproved, unsafe uses. While Kopchinski may not have used “hacking” means to free the people, he follows in the same vein as his cyber counterparts, adding; “In the army I was expected to protect people at all costs, at Pfizer I was expected to increase profits at all costs, even when sales meant endangering lives.”

Elite hackers are the best of the best when it comes to hacking. Often targeting high-revenue organizations, they invent new ways to attack, are experts in ransomware and extortion and may even operate in criminal gangs.

Samsung, Sony, Adobe, Yahoo, Facebook, Garmin, and CNA, have all been held at ransom by hackers for millions of dollars. In fact, notorious hacker-gangs like Lapsus$ and Anonymous are proof that hacking has the power to be as good as it is bad. While Lapsus$ has been known to extort millions from companies, Anonymous operate as internet activists with members all over the world. Political by nature, Anonymous have taken down government websites, held mass protests, and have even launched attacks on Russia to undermine Vladimir Putin and the war on Ukraine.

Cryptojackers exploit network weaknesses and hijack computer resources as a way to mine for cryptocurrencies. Cryptojackers will spread malware by planting it across the web, in the hope that you’ll get infected. Infections are hard to spot and malware tends to run in the background sending results back to the hacker.

Unlike typical hackers cryptojackers aren’t interested in stealing you data. They would rather use the processing power of your device to fuel a much larger machine to mine far and wide for cryptocurrencies.

Gaming hackers try to steal other players credit caches or cause distributed denial-of-service (DDoS) attacks to force them out of the game.

A DDoS attack will floods a server with internet traffic to stop users from being able to access certain websites and online services. If you’re worried about this then always use a VPN when you’re gaming. NordVPN protects you against DDoS attacks and also secures your data online – all you have to do is switch on the app.

Botnet hackers are malware coders who create bots to perform cyberattacks across as many devices as possible. Bots look for unsecured devices like routers that still have their default logins, cameras and other IoT devices to plant themselves in. Botnets can be used by the hacker who created it or they can be bought ready-made on the dark web for other hackers to use.

Here are just a few examples of famous hackers:

This guy is one of the main inspirations for the film WarGames, in which a hacker accesses a US supercomputer used to predict outcomes of nuclear war and initiates a war simulation. In the early 1980s he hacked the North American Aerospace Defense Command (NORAD), which is responsible for USA air defense. He also infamously hacked the Pacific Bell and Digital Equipment Corporation networks. After serving years in prison, Kevin ultimately became a white hat hacker.

Kevin managed to take over all the phone lines of Los Angeles radio station KIIS-FM to win a Porsche. Later, he pursued a journalist’s career and developed software for secure communications between journalists and their sources.

Jude started a hacking group called Cypherpunks. She was one of the earliest hacktivists to advocate for privacy and women’s rights. She also participated in the Civil Rights Movement and wrote a few books on politically and socially conscious hacking.

• Update your security software;
• Do not expose your info publicly or to people you don’t know;
• Get to know your devices. Wireless device vulnerabilities can leave your data exposed to hackers;
• Do not open suspicious links, emails or messages;
• Use strong passwords and double-factor user authentication;
• Only download software from trusted websites;
• Use a VPN to help safeguard your traffic. NordVPN’s Threat Protection feature will also help you to identify malicious websites and files as well as to avoid ads and trackers.