What the Hack?!

The Oxford Dictionary defines ‘hack’ as: “Cut with rough or heavy blows in an irregular or random fashion”.

A second meaning follows: “Gain unauthorized access to data in a system or computer.”

It is this second meaning, that has caused controversy among many: ‘Hack’ used to have a positive feel; working on a tech problem in a different, more creative way than what’s outlined in an instruction manual. Even non-tech problems: Lifehack for example.

Similarly, a ‘hacker’ used to mean a person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. ‘Rooting’ Android devices, ‘Jailbreaking’ iOS to overcome their limits.

The word ‘cracker’ was suggested for the malicious members of the computer underground. However, instead of a division between the two, the following categories and terms emerged, each one subtley different to the next.

So I wrote this blog to provide some insight into these differences, rather than lumping everyone into the (possibly evil sounding) “hacker” group.

  • White hat: A white hat hacker breaks security for non-malicious reasons; to test security systems, perform penetration tests, or vulnerability assessments, for themselves or for clients.
  • Black hat: In contrast with the white, a black hat hacker breaks computer security for maliciousness or personal gain.
  • Grey hat: A grey hat hacker is between a black hat and a white hat hacker. A grey hat hacker may hack a system to notify its admins about the security vulnerability, then might offer to fix it for a fee. Grey hat hackers sometimes publish their findings to the whole world, instead of the admins. Even though they may not be hacking for personal gain, unauthorised access to a system can be considered illegal, not to mention unethical — well it’s a… grey area.
  • Blue hat: Blue hat refers to security consultants who are invited to test a system for exploits before its launch.
  • Elite hacker: Elite (1337 in Leet, see below) is used to describe the most skilled hackers.
  • Leet: A system of modified spellings where characters are replaced by similar looking glyphs. Also known as eleet or leetspeak.
  • Script kiddie: A script kiddie is an unskilled hacker who breaks into computers by using automated tools or scripts created by others, usually with little or no understanding of the underlying concept.
  • Neophyte: Someone who is new to hacking (also known as newbie or noob / n00b).
  • Hacktivist: A hacker who utilises technology to publicise a social, ideological, political or religious message.

Crystal clear right? Good! Because this is the first in a series of blogs I’ll be sharing where I’ll be referring back to these terms and definitions.

Until the next time, stay secure!

PUBLISHED BY

tunc

2 Apr. 2019

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Winter wins: Red Sift OnDMARC wraps up 2024 as a G2 DMARC…

Francesca Rünger-Field

The season of giving has brought us another reason to celebrate! Red Sift OnDMARC continues its winning streak in G2’s Winter 2025 report, earning Leader status in the DMARC category for another consecutive season. This recognition reflects our strong market presence and the unwavering satisfaction of our customers. Cheers to wrapping up 2024 on…

Read more
AI

Text classification in the age of LLMs

Phong Nguyen

As natural language processing (NLP) advances, text classification remains a foundational task with applications in spam detection, sentiment analysis, topic categorization, and more. Traditionally, this task depended on rule-based systems and classical machine learning algorithms. However, the emergence of deep learning, transformer architectures, and Large Language Models (LLMs) has transformed text classification, allowing for…

Read more
Security

How to drive cybersecurity as a top business priority

Jack Lilley

Everyone has a role to play in protecting the enterprise. Whether you’re shaping strategy or implementing solutions, aligning efforts to mitigate critical risks ensures a stronger, more resilient enterprise. If you missed Red Sift’s recent webinar on “From Data to Buy-In: Driving Cybersecurity as a Top Business Priority” we’ve got you covered. The session…

Read more
DMARC

BreakSPF: How to mitigate the attack

Red Sift

BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like…

Read more