Hacking refers to unauthorized access to a computer by exploiting a weakness in the system: essentially, someone who shouldn’t be there breaking into your computer and data. This definition reflects the negative connotation of hacking, especially considering the state of cybersecurity and the privacy risks facing the average internet user.
The cost of global cybercrime is expected to reach $10.5 trillion annually by the year 2025, risking the privacy of internet users. In fact, internet users now total over 64% of the global population, or 5.16 billion individuals. This makes cybercrime activities, a.k.a. hacking, a concern for every one of those internet users…not to mention organizations that rely on the internet.
But is hacking evil? As it turns out, many organizations and security experts adopt a popular strategy when it comes to cybersecurity: the best defense is a good offense. The practice of ethical hacking has gained popularity in recent years and has given rise to three main categories in hacking:
Let’s review the key differences between these hacking categories and understand what it means for our online presence.
Black Hat hacking refers to the practice of unauthorized access of a computer system with malicious intent. Black hat hackers may be any number of bad actors…
Black hat hackers adopt a range of strategies to compromise their targets. Social engineering activities such as phishing are used to compromise the human element — the weakest link in the cybersecurity chain — especially when the target is an individual user.
Exploiting known vulnerabilities in technologies is a common practice, used to target a large group of users, some of whom may fall victim to the attacks. State-sponsored hacktivism goes a step further and exploits backdoors planted into technologies used by government and military organizations in other countries.
Black hat hackers typically coordinate their activities and gain access to hacking tools in underground Dark Web markets. Most of their attacks are not aimed at specific individuals but at user groups that may be running outdated, vulnerable technologies, and they rely on low-effort social engineering and zero-day exploit attacks. State-sponsored hacktivists, on the other hand, typically rely on sophisticated tools, try to find unknown (and unpatched) technology vulnerabilities and have vast resources at their disposal. The Stuxnet attack is a notorious example.
(Black hat hacking shares a name with one of the longest-standing security events: Black Hat and the related DEFCON.)
At the opposite end of the spectrum is White Hat Hacking, also known as ethical hacking. White hat hacking is the antithesis of black hat hacking.
White hat hackers are individuals authorized to find and exploit vulnerabilities in a system. They may be employed by technology companies, business organizations and government entities to identify weak links in their security chain. These are security specialists with certified academic backgrounds, as opposed to black hat hackers who tend to be hobbyists, and are employed as key members of the security department or as partners or external consultants.
The goal of White Hat hacking is to examine every possible security risk acting from the perspective of a cybercriminal. Once a vulnerability is identified, the organization works with white hat hackers, security pros, to issue a fix. It’s often one part of a larger cyber threat intelligence (CTI) strategy.
In recent years, the scope of white hat hacking has extended beyond internal cybersecurity departments. Tech companies regularly hold bounty programs that motivate hobbyists and industry experts to find vulnerabilities in their systems in exchange for rewards and recognition.
In the middle of the hacking spectrum is the practice of Gray Hat hacking. These hackers are neither motivated by malicious intent, nor are they formally employed and authorized to conduct hacking activities. Gray hat hackers typically don’t cause damage to a victim; they discover vulnerabilities that can potentially cause damage. Then, these gray hatters reach out to the affected parties and notify them of the issues.
If the party fails to respond or take notice, gray hat hackers often expose the exploit publicly, typically at white hat conferences and groups where the community can work together to fix the problems. A popular example is the hacker who discovered a glitch in Facebook in 2013, which allowed him to post on Mark Zuckerberg’s Facebook wall.
Facebook CEO’s personal Facebook page, gray hat hacked in 2013. Remember this interface?
So how do you protect against all kinds of hacking attempts: white hat, black hat and gray hat? Since most of the hacking attempts rely on simple social engineering tactics and known vulnerabilities, the following best practices can help improve your online security against hacking activities:
This posting does not necessarily represent Splunk's position, strategies or opinion.