Last week on the GFI blog we discussed why hackers do what they do. Today we will be looking at ‘white hat hackers’ and why, most of the time, they are the forgotten good guys of the IT world.

The word hacker has a long history of controversy over its precise meaning. Mostly it refers to the bad guys, those who break into computers to steal, spy or cause damage, but that is not all it encompasses. Many ‘ethical’ hackers took umbrage at the name and tried to convince the world that not all hackers were so awful, and that the bad apples should be given a name of their own: ‘phracker’.

The same motive was behind the term ‘cracker’. Neither term really caught on, so the notion of the White Hat Hacker emerged: someone who uses hacking techniques to ultimately strengthen an organization’s security, and who is often paid handsomely to do so.

White Hats who aren’t on anyone’s payroll sometimes come across a vulnerability. Instead of using it to cause harm, they privately disclose the hole to the vendor or organization responsible, and the vulnerability only goes public once the hole is closed or a patch is available. In practice, most coordinated disclosure policies also set a deadline after which the finder may publish regardless, so that a vendor cannot sit on a report indefinitely.

On the opposite side of the spectrum, in this world view, are the Black Hat Hackers, who do bad things and whom most people simply call hackers. In between are the Gray (or Grey, depending on which side of the pond you live on) Hats. The name really came into use when L0pht used it to describe their own group. While they had all the trappings of hackers, the group’s members had the improvement of computer security as their aim, just like the White Hats; they just weren’t quite as pure.

The group went fully legitimate by merging with @stake, a commercial security company that turned hacker expertise into security services for SMBs and enterprises. The term itself is claimed as a trademark by Greyhat, LLC, a security firm founded in 1998 that acquired the rights to the name the year before.

Like the term hacker itself, Gray Hat has a number of meanings, covering everything from how people disclose vulnerabilities to vendors (for example, publishing details without waiting for a fix) to those who are legitimate security pros by day and Black Hats by night.

Which leads us to Black Hat Hackers, a term that would not even be needed if all hackers were truly bad. For some, Black Hat is a badge of honor they bestow upon themselves, and these are the people the rest of the internet really needs to worry about.

Patch industry needs White and Gray Hats

Patch management vendors such as GFI, whose GFI LanGuard scans networks and manages patches, rely on White and Gray Hats to identify the vulnerabilities that need fixing in the first place. Software vendors such as Microsoft, Oracle and Adobe do not find all of their own vulnerabilities, and in all fairness it is difficult to find one’s own flaws. White and Gray Hats are also slowly grabbing a bit of the spotlight through initiatives such as the Pwn2Own hacking contest, organized by Hewlett-Packard as part of its Zero Day Initiative (ZDI). In this contest hackers compete to exploit previously unknown vulnerabilities in Google’s Chrome, Microsoft’s Internet Explorer, Mozilla’s Firefox and Apple’s Safari browsers, together with other software such as the Adobe Reader and Adobe Flash Player plug-ins; successful entries are reported to the affected vendors so that the holes can be fixed. In 2015, hackers were awarded a total of $317,500 on the first day of the contest.

So let’s try to break the myth that all hackers are bad, and hats off to the White and Gray Hats for all their work in keeping our networks safe.