There are many types of hackers, like white hats, black hats, grey hats, script kiddies, and hacktivists. Contrary to popular opinion, not all hackers are bad, and each type has a specific role and target.
I’ll show you all the hacker types, their motives, and the people most at risk of being targeted by each.
12 Types of Hackers
Here are the 12 hacker types you’re most likely to run into.
White Hats (Ethical Hackers)
A white hat hacker is a security expert that deals with penetration testing to find potential vulnerabilities that a black hat could exploit.
Therefore, white hat hackers use similar methods as black hat hackers.
However, they do so with express permission from the system owner.
They have to alert the owner to any vulnerabilities when they find them, so they can be fixed before malicious actors can exploit them.
|Motives||To detect security vulnerabilities in systems.|
|Their Targets||Black hat hackers|
|Hacker Example||Marcus Hutchins is a cybersecurity researcher from the United Kingdom. He discovered a "kill switch" that helped stop the spread of the WannaCry ransomware attack that had affected hundreds of thousands of computers worldwide. After registering a domain name used by the malware, Hutchins effectively stopped the spread of the ransomware, forcing it to enter a dormant state. This action was credited with preventing the attack from becoming even more widespread.|
Black Hat Hacker
A black hat hacker is among the most dangerous hackers around.
They use their skills to gain unauthorized access into even the most secure computer systems to steal sensitive information, or cause unimaginable harm to networks and websites.
The main motives of black hat hacking are money, the thrill of committing crime, or causing damage to targeted systems because they can.
|Motives||To take advantage of breaches to steal money or valuable data.|
|Their Targets||Organizations, businesses, governments, etc.|
|Hacker Example||Kevin Mitnick is another famous former hacker. He gained notoriety as a highly skilled hacker at the close of the last century and was arrested and sentenced to five years in prison. Soon after his release, he started using his skills in the corporate world where he has built a thriving career as a security consultant. He makes money helping businesses and government agencies improve their cybersecurity frameworks.|
Grey Hat Hacker
A grey hat hacker is a computer security expert with the potential to violate ethical standards. However, unlike black hat hackers, their actions are not solely for personal gain or malicious intent. Their biggest motivation revolves around identifying and exposing possible security vulnerabilities in systems. Gray hat hackers may also, from time to time, engage in “ethical hacking” activities like penetration testing for large clients to help the organization improve its security.
|Motives||To detect network vulnerabilities and sometimes take advantage of breaches.|
|Their Targets||Black hat hackers|
|Hacker Example||Adrian Lamo discovered vulnerabilities in high-profile networks and systems, such as The New York Times and Yahoo. He was also a key player in the Chelsea Manning case who got convicted of leaking classified data to Wikileaks. Lamo is the one who reported Manning to authorities after she confided in him about what she had leaked. He mysteriously died in 2018.|
Hacktivists are in most part harmless groups of hackers who use their skills and knowledge for political or social activism without causing damage to citizens.
Their biggest driving force is to promote agendas that lead to large scale changes.
|Motives||To push political and social agendas.|
|Their Targets||Governments, security agencies, and big conglomerates|
|Hacker Example||Anonymous is an international group of activists and hackers known for high-profile cyber attacks against governments and large corporations. They have links with the Antisec movement and were involved in high-profile hacktivism campaigns, such as #OpSyria and #OpParis. They’ve also targeted government websites and institutions like the FBI, CIA, and Sony in the recent past.|
Script kiddies are hackers who use pre-written scripts or tools created by others to hack into systems or websites. Most times, they’re young people with little or no understanding of how these scripts work other than how to execute them.
A script kiddie is often motivated by thrill-seeking, mischief, or a desire to prove their skills to others. They typically need to gain the knowledge and experience of more experienced hackers so their methods and tools aren’t considered major cyber threats.
|Motives||To cause mischief or look cool to friends, etc.|
|Their Targets||Simple computer networks, security systems, and websites|
|Hacker Example||Mafiaboy, whose real name is Michael Calce, set off a series of high-profile DDoS attacks around the year 2000 against Yahoo, eBay, and Amazon. He was only 15 years old at the time, but he was able to cause millions of dollars in damages and disruption against those named websites. Calce was eventually arrested and convicted of computer-related crimes.|
State-sponsored hackers are the most sophisticated hacker types.
They’re usually an army of hackers who are sponsored by a government to conduct deliberate but clandestine cyber attacks against other nations or organizations.
These elite hackers are the most highly skilled and have unlimited access to sophisticated tools and techniques.
They may target government agencies, military organizations, critical infrastructure, and other sensitive targets to gain access to classified information or disrupt operations.
A majority of recent international wars have seen an increased use of these types of hackers.
|Motives||To steal data, espionage, or sabotage.|
|Their Targets||Governments, agencies, militaries, and conglomerates|
|Hacker Example||APT28 is a group believed to be affiliated with Russia. It has been linked to several high-profile cyber attacks, including the 2016 US Presidential Election hack that gave Trump the presidency. They're known for sophisticated spear phishing tactics, used to access victims' networks and then use dangerous custom malware to capture sensitive data.|
Whistleblowers reveal classified information about illegal, unethical, or fraudulent activities within organizations. Most times, these crimes are committed by their employer, or important people in positions of authority. A typical whistleblower does this out of a sense of moral or civic duty, or a strong desire to correct a perceived wrong.
They just want to hold those in power accountable for their actions.
|Motives||To expose fraud.|
|Their Targets||Governments, agencies, and business organizations|
|Hacker Example||Edward Snowden is a former contractor for the National Security Agency. In 2013, Snowden leaked countless classified documents to journalists revealing the extent of the US government's surveillance activities domestically and internationally. The most controversial leak was the mass collection of phone and internet data. Snowden has been living in hiding in Russia since 2013.|
Malicious insiders have authorized access to an organization’s systems, networks, or confidential information. They can use that access for unauthorized or illegal activities, such as stealing sensitive information, causing disruption or damage to the organization’s operations, or engaging in fraud.
A Malicious insider is typically a current or former employee, contractor, or business partner with legitimate access to the organization’s resources.
They usually have a deep understanding of the organization’s systems and operations, making detecting and preventing their activities very difficult.
|Motives||To steal sensitive information for monetary gain or revenge.|
|Their Targets||Governments, agencies, and business organizations|
|Hacker Example||Harold T. Martin III, like Snowden, was a contractor for the National Security Agency. He was arrested in 2016 for the theft of government property and unauthorized removal and retention of classified data. Some of the classified info included cyber weapons and hacking tools.|
Cyber terrorists are hacker individuals or groups that use the internet and modern forms of technology to carry out acts of terrorism. Their main aims are to spread fear, cause disruption, and damage or destroy critical infrastructure. They’re the digital versions of kidnappers.
|Motives||To spread fear and destabilize governments.|
|Their Targets||Governments, agencies, militaries, and business organizations|
|Hacker Example||The Lazarus Group is another dangerous hacker outfit believed to operate out of North Korea since 2009. The group specializes in custom-written malware and has been linked to high-profile cyber espionage campaigns against Western governments and corporations. In 2017 they were believed to be behind the WannaCry ransomware.|
A botnet is a network of compromised computers or Internet of Things (IoT) devices that a hacker controls. This hacker is usually called a botnet operator, and they do this without the knowledge or consent of the devices’ legitimate users. The devices, or bots, can carry out various cyberattacks, such as a DDoS attack, click fraud, and spamming.
|Motives||To commit fraud, steal information, and spread malware for profit.|
|Their Targets||Business organizations|
|Hacker Example||Mirai is a dangerous botnet that was created to take advantage of Internet of Things devices. These include unsecured routers and security cameras. Mirai has since been used in several high-profile DDoS attacks, with the most famous one being against a company called Dyn in 2016. This attack caused massive shutdowns of Twitter, Netflix, and Reddit in the United States and some European countries.|
Cryptojacking is the unauthorized use of a victim’s computer resources to mine cryptocurrency. A Cryptojacker, also known as a crypto-miner or coin-miner, uses malware or scripts to infect a computer or device and then utilizes its processing power to mine cryptocurrencies, such as Bitcoin, Monero, or Ethereum.
The hacker can then use the mined cryptocurrency for their financial gain.
|Motives||To steal cryptocurrencies.|
|Their Targets||Crypto miners|
Gaming hackers use hacking techniques to gain an unfair advantage in online games. They cheat in massively multiplayer online (MMO) games, exploiting game bugs or using bots for farming in-game resources. Their main motives are to achieve a high ranking, get more virtual items or currency, or ruin the experience for legitimate players.
Examples of everyday gaming hacks include speed hacking to move faster than intended, using aimbots to automatically aim and shoot other players, and duping to duplicate in-game items. Some hackers also create cheats or mods that allow players to access features that are not intended to be used, like god mode, teleportation, and no-clip, among many others.
|Motives||To gain an advantage over other players.|
|Their Targets||Other gamers, the game itself|
|Hacker Example||Samy Kamkar is the most famous gaming hacker. He specialized in creating undetectable cheats for various games, especially a first-person shooter game called "Counter-Strike." Kamkar was eventually caught and banned from multiple online gaming communities. However, he has since gained a reputation as one of the most skilled and successful gaming hackers of his time.|
While this is a list of the most common hacker types, it’s not exhaustive.
Other notable types include blue hat hackers, green hat hackers, and red hat hackers, all of which can inflict untold damage if you’re not careful. This is why using security tools like VPNs is highly recommended.
Read more on how a VPN can keep you safe from hackers.