I REFER to your editorial “Of white hats and whistleblowers” (Nov 19) which says “In the tech community, Rozario would be known as a ‘white hat hacker’, one of the good guys, as opposed to the black hats who have malevolent motives. It is a pity that instead of lauding his effort, too many of us decided to shoot the messenger”.
A hacker is an individual who owns and uses technical computer, networking or other skills to overcome a technical problem. It is also referred to a person who uses his or her abilities to gain unauthorised access to systems or networks in order to commit crimes.
A hacker, either good or bad, is someone who has the best ability in utilising knowledge of computer software and hardware to overcome security measures on a computer, device or network.
In most cases, a hacker is written as someone good (in relation to cyber criminals) in stealing information to hurt people via identity theft, damage or bring down systems and often hold those systems hostage to collect ransom.
It is noted that there are hackers of “white ‘good’ hat”, “black ‘bad’ hat” and “grey ‘neutral’ hat”. The terms were taken from old westerns. Is it any wonder the Lone Ranger wore white?
Hackers are people who seek knowledge, to understand how systems operate, how they are designed, and then attempt to crack them. Whether the intention is good or bad, you can be charged with breaking the law.
One of the best hackers of all time is Steve Wozniak aka Woz! Yes, the Apple Founder. Bill Gates was also caught breaking into corporate systems as a teenager before founding Microsoft.
Like all hackers, black hat hackers usually have extensive knowledge about breaking into computer networks and bypassing security protocols.
Black hat hackers are more likely to gain notoriety as hackers in mainstream accounts and also as “malware writers”.
Their primary motivation is usually for personal or financial gain, but they can also be involved in cyber espionage, protest or perhaps are just addicted to the thrill of cybercrime.
Black hat hackers can range from amateurs by spreading malware, to experienced hackers that aim to steal data, specifically financial information, personal information and login credentials.
Not only do black hat hackers seek to steal data, they also seek to modify or destroy data as well.
White hat hackers are also known as “ethical hackers” and they can sometimes be paid employees or contractors working for companies as security specialists and choose to use their powers for good rather than evil.
White hat hackers use the same hacking methods like the black hats except that they do it with permission from the owner of the system first, which makes the process completely legal.
White hat hackers perform penetration testing, test in-place security systems and perform vulnerability assessments for companies.
There are even courses, training, conferences and certifications for ethical hacking.
Grey hat hackers are a blend of both black hat and white hat activities. Often, grey hat hackers will look for vulnerabilities in a system without the owner’s permission or knowledge.
If issues are found, they will report them to the owner, sometimes requesting a small fee to fix the issue.
If the owner does not respond or comply, then sometimes the hackers will post the newly found exploit online for the world to see.
Usually, grey hat hackers will not exploit the found vulnerabilities.
However, this type of hacking is still considered illegal because the hacker did not receive permission from the owner prior to attempting to attack the system.
Though hacking or hacker seems bad to the “ears”, it will depend on us accepting them. We do need the “white hat hackers” to help us against threats and destruction before the “black bad hats” interfere and even “to educate” the “grey neutral hats”.
So, don’t shoot the messenger just yet.