Moved by ideological convictions or economic purposes. In defense of the web or at the service of nations. That's who protects, or endangers, cybersecurity
It's easy to say hackers (from the English verb to hack: to cut, to break, to open a gap). The term that two or three decades ago was simply used to refer to someone with an in-depth knowledge of the computer and computer world - and consequently able to enter the depths of the system - has become synonymous with cybercriminals: who exploits the vulnerabilities of sites, email or programs to gain a personal advantage.
Even this definition, however, is simplistic and partial. Either because subtracting millions of email addresses to try to trick users through phishing is not the same as sending a far-right site offline to boycott its supporters. Which in turn is different from being in the pay of Russia or North Korea and take advantage of the features of Facebook and Twitter to destabilize Western democracies. Both because there are good hackers, who use their knowledge to defend themselves from cybercrime attacks.
Let's try to do some sort of order and to list the various types of existing hackers.
Black hat hacker
It is the hacker of the collective imagination: the one who sneaks into our email or tries to steal the credentials of members of a social network to gain a personal gain. The examples are wasted. Two hundred years ago, a hundred million LinkedIn passwords were stolen and then sold on the darkweb. While a few days ago it was made known that the Marriott hotel chain had for years been targeted by hackers who also had the goal of stealing credit card data.
The same term also defines those who insert viruses (attached to e-mails or that install themselves on computers when you download a program from an unsafe site) that allow you to check what happens on our computer (or that bombard advertising using the adware).
White hat hacker
Also known as ethical hackers, they are considered the "good guys" of the situation. Their skills are at the service of those who must defend themselves against cyber attacks: institutions, governments, businesses. White hates are the experts who first discover the vulnerabilities that could allow others to sneak into a system; that spread the patches after a bug has been detected in a program and so on. Legend has it that, in many cases, the same black hat hackers turn into white hat, taking advantage of their professional skills and without risking going to jail.
Gray hat hacker
The world is full of gray areas, could they possibly be missing in the hacker world? A gray hacker, for example, is the one who detects the weaknesses of a site without asking permission from the owner, but does so for the sole purpose of alerting the problems in which it might run (and thus, perhaps, advertise its services). Often, especially in the world of cybersecurity experts, the discovered vulnerabilities are put online so that everyone can know the risks of some services or tools.
This is the case of researchers who have dealt with the possibility of introducing remotely into pacemakers or those who have discovered how easy it was to puncture the Rousseau platform of the 5 Star Movement. The gray hat, therefore, are more on the side of the good than the bad, especially because they do not take advantage of the weaknesses discovered. At the same time, however, they operate on the margins of legality, as they sneak into the systems without asking anyone's permission.
They exploit DDoS attacks to knock down the site of a company accused of cruelty to animals or make the platform on which the right-wing militants gather inaccessible, but they also take it with nations considered hostile, with the sites of major financial institutions or with the World Bank. They are internet activists, who exploit their hacker skills for political purposes.
The best-known example, of course, is the Anonymous group, who have chosen the mask of Guy Fawkes as an emblem (made memorable by V for Vendetta). After disseminating the data of public institutions in their November 5 campaign, the activists of Anonymous Italy alerted the European Coalition against the sexual exploitation of children online, which presented a serious flaw in computer systems.
Nation state hackers
This is the case of the famous Russian trolls that have favored the Donald Trump race - and that are suspected to be directly in the pay of Vladimir Putin (through the Internet research agency) - or those of the US intelligence that have infected Iranian nuclear power plants with the famous Stuxnet virus. As you can see, these are very different practices (and in some cases they do not even require particular IT skills) but they all have one thing in common: to favor a nation over its own rivals.
They are the newcomers, the aspiring hackers who begin to get bones in this world, perhaps sneaking into the social accounts of some celebrities or trying to send a platform offline. But not only that: they are also those hackers with poor technical skills who take advantage of ready-made services - as is the case of the platforms that sell DDoS attacks - to carry out their own IT actions; maybe just for the purpose of making a bit of mess or revenge against some rival.
You could add other names to this list. Biohackers, who modify their body by inserting technological devices within them or even trying to intervene on their genes (putting at risk their own health). Or growth hackers, experts in inflating traffic to a platform using automated bots or exploiting the characteristics of social networks and search engines. But these are different cases, which have little to do with the original hackers, who have hit the collective imagination since the time of the film Wargames.