Hacker is a reused word that has almost completely lost its original meaning. It used to denote a talented, self-motivated coder. The prototypical hacker was practically obsessed with programming, to the exclusion of all other activities. Instead, they’d focus on learning the fundamentals of computers, networks, and, most importantly, the software that governed it all. Apart from the lack of social interaction, hacking was not viewed as hostile activity.
Cybercrime became a potential, then a reality, as technology advanced. Because hackers could only commit the crimes, the name “hacker” became contaminated. It evolved into what it signifies to the majority of people today. When you ask someone to define a hacker, they’ll say someone who has a vast understanding of computers, operating systems, and programming, as well as the illegal intent to get access to computer systems they shouldn’t.
The genuinely terrible person is a black hat hacker. They’re the ones who break into computers and commit cybercrime. They are attempting to profit from their unlawful actions.
A white-hat hacker is allowed to try to break into a network. They are hired to test the security of an organization.
However, things are rarely black and white in life.
A grey hat hacker acts the same way as a white-hat hacker, except they don’t ask for permission first. They examine a company’s security and submit a report to the corporation in the hopes of receiving compensation in the future. Even if the corporation is thankful and makes a payment, they are breaking the law—hacking a network without permission is unlawful, period. Gray hats operate on shaky legal ground.
A blue hat hacker isn’t particularly experienced but has managed to obtain low-level attack software, such as a distributed denial-of-service assault. They utilize it against a specific company that they want to inconvenience for whatever reason. Such approaches could be used by a disgruntled ex-employee, for example.
The lone vigilante of the hacking world is a red hat hacker. They’re hackers who hunt down black hats. The red hat, like the grey hat, employs legally dubious means. They act outside of the law and without government authority, much like Marvel’s Punisher, dispensing their brand of justice.
Someone who aspires to be a hacker is known as a green hat hacker. They’re black hat aspirants.
CRIMINAL AND PROFESSIONAL HACKERS
Professional hackers can work as self-employed ethical hackers, testing the defenses of any firm that wants their security assessed. They may be ethical hackers who work for larger security firms, performing the same tasks but with the added security of a formal job.
Organizations can hire ethical hackers on their own. They collaborate with IT support colleagues to constantly explore, test, and improve the organization’s cybersecurity.
A red team is tasked with gaining unauthorized entry to their own company, while a blue team keeps them out. These teams’ personnel are sometimes all of the same hues. You’re either a member of the red or blue groups. Other companies like to mix things up by having employees switch teams and take the opposing perspective for the next activity.
Threat actors occasionally leap the security industry. Security consulting firms are managed by colorful industry figures like Kevin Mitnick, who was once the world’s most sought hacker.
Other famous hackers have been headhunted into mainstream jobs, such as Peter Zatko, a one-time member of the hacking collective Cult of the Dead Cow. In November 2020, he joined Twitter as head of security following tenures at Stripe, Google, and the Pentagon’s Defense Advanced Research and Projects Agency.
Some professional hackers worked for government intelligence organizations or their military counterparts and were taught by them. This further complicates the situation. To safeguard national security and combat terrorism, government-sanctioned teams of operatives entrusted with intelligence collection, defensive and offensive cyber actions are a must. It’s the current state of affairs in the modern world.
SHADOW WORLD ALUMNI
Cyber-intelligence units are present in all technologically advanced countries. They collect, decrypt, and analyze military and non-military intelligence strategically, at operational and tactical levels. They give attack and surveillance software to people that carry out state-sponsored espionage tasks. They are participants in a shady game where the adversary is attempting to do the same thing to you. They want access to your systems just as much as you want access to theirs. Your adversaries, like you, are developing defensive and offensive software tools and attempting to detect and exploit zero-day assaults.
Why not hire an excellent poacher to be your gamekeeper if you’re going to employ a poacher? That is an excellent suggestion. But what if one of your former top hackers decides to work in another country or makes another contentious career move?
It turns out that this isn’t something new, and it happens all the time. Shift5 is a cybersecurity company created by two former NSA employees. They worked not just for the NSA but also the Tailored Access Operations section. This is one of the most secretive departments of the National Security Agency. Shift5 promises to produce technology that will aid in the protection of critical infrastructure in the United States. Consider power grids, communications, and oil pipelines. In October 2021, they announced a $20 million fundraising round. That’s homegrown talent from the United States defending the United States, which sounds entirely appropriate.
SKILLS IN DEMAND
For their experience and appealing skill sets, companies hire competent former hackers. However, if you work for a state or military agency, you must be aware of the limitations and controls in place to ensure that your services are provided to approved groups and for the right reasons.