Articles‎ > ‎Data Security‎ > ‎

Types of Hackers (A Brief Introduction)

When the word "hacker" first came in to use, it referred to an enthusiast who was really good at doing something (originally it was used in reference to model railroad building).  The term's origins date back to the 1960s at Massachusetts Institute of Technology's (MIT's) Tech Model Railroad Club (TMRC).

Some of the people from TMRC found an early computer, and later applied the term to someone who created innovative methods utilizing hardware or programming to extend features beyond its original functionality (which was known as a "hack").  For more background see the 1984 book "Hackers: Heroes of the Computer Revolution", by Steven Levy.

Over the last few decades the media has popularized the word  to mean criminal,  instead of meaning a technology enthusiast.  I think the word "hacker" became part of the mainstream lexicon back in 1982 when  the movie Tron came out, then later reinforced in 1983 when the movie WarGames hit the big screen. 

Like many things they start out simple but get complicated over time.  Originally there were two types of hackers, the good hackers (known as "white hats") and criminal hackers (known as "black hats").  This reference probably dates back to the old cowboy movies where the good guys wore white and bad guys wore black.

Below is a list of the different types of hackers and hacker organizations:
  • Enthusiast: A computer hardware or programming expert that makes a program or device perform functions that it was not intended to do.  For example, adding features to a camera by modifying its existing firmware (see the site CHDK [] which adds functionality to Canon cameras).
  • White Hat Hackers: These people are coding and technology experts that generally try to find weakness in hardware and software before the criminals can exploit them.  These people will often work for a business or government agency to help protect computing infrastructure or aid in the criminal investigation
    • Note: The term "White Hat Hackers" is generally not used in the industry, they're often referred to as "ethical hacker", "security professional or engineer".
  • Script Kiddies: A person with some basic computer skills who "hacks" for fun or recognition.  These individuals are generally limited by the sophistication of the programs that they're using or their knowledge of the target they're attacking.
  • Hacktivists: A person or a group of political or social motivated people that try to make public statements about their cause by performing some acts of computerized civil disobedience. Anonymous is one of the better known hacktivist group that has been credited for attacks against child-porn sites,  businesses, banks, NATO and other various government websites.
  • Black Hat Hackers: These people are generally coding and technology experts that take advantage of weakness in hardware and software generally to infiltrate targets, steal or destroy information for themselves or a group.  These type of attacks often prove costly for businesses and governments to cleanup.
    • Note: The term "Black Hat Hackers" is generally not used in the industry, they're often referred to as criminals or intruders.
  • Hacking Group: Generally a loose collection of mostly "script kiddies" and few real hackers who wield more power as a collective than as individuals, and can cause serious disruption to business. For example, groups like Anonymous and LulzSec, have been known for attacking companies, governments, and other organizations.
  • Organized Crime: Led by professional criminals, that hire black hat hackers and other individuals to perform illegal activities such as stealing information, identity theft, etc.  These groups operate within a sophisticated structure, guided by rules to help ensure their crimes go undetected by law enforcement.
  • Nation States: With access to the latest technology and technical people with the proper skills and training, these countries can develop electronic warfare to disrupt critical infrastructure, military, or the financial sectors.  They can also infiltrate businesses or government agencies to  steal secret data and other types of information.
  • Automated Crimeware: A software application that can allow criminals with just a little computer knowledge to build customized computer viruses, worms or bot-nets that can be targeted at specific individuals, companies, organizations or governments to collect information or perform a specific action.