When you hear the word hacker, your next thought probably isn’t helper. In the mainstream media, hackers are often portrayed as cloak-and-dagger, fly-by-night figures — evil geniuses who are out to get your data.
But, did you know that many of the people who search computer systems for bugs and vulnerabilities are actually out to lend a hand, or at least make an honest living?
In fact, there are many different types of hackers. Some have good intentions, while others may be malicious. Let’s take a closer look at how cybercriminals are categorized, the ways hackers can differ from identity thieves, and how you may be able to best protect yourself from the not-so-good guys.
What’s a hacker?
By definition, hackers are computer programmers who use their technical skills to breach digital systems, networks, and devices. In the process, they may employ a variety of tools and techniques, including rootkits, a type of malware that can control a system remotely; distributed denial-of-service (DDoS) attacks, which disrupt connections and services; and vulnerability scanners, or programs that find potential weak spots or loopholes.
But, that doesn’t mean they’re all bad guys. Many hackers are actually security professionals hired by software companies to find — and then help fix — unknown exploits. Their goal is to identify bugs and vulnerabilities first, before bad actors find them and take advantage.
What are the three types of hackers?
- Hackers who use their skills for good are known as white-hat hackers. They protect companies, governments, and consumers by testing and improving digital security measures, all with the aim of keeping data out of the wrong hands. An ethical hacker may be employed as a security engineer for a major corporation or a computer forensics investigator for the NSA. This type of hacking is legal and necessary work; practitioners can even earn special credentials and certificates designed specifically for ethical hackers.
- Black-hat hackers may act without such noble intentions. These bad actors engage in criminal activity, such as breaking into protected digital systems without permission. Working alone or in groups, some black-hat hackers aim to steal and sell data for personal financial gain. Others work to modify, delete, or leak valuable data to harm a competing organization, corporation, or nation-state. One famous example is Iranian Behzad Mesri, a former member of the Iranian military who allegedly stole unaired content from HBO in 2017, then held it ransom for millions in bitcoin.
- Gray-hat hackers fall somewhere in between. Gray-hat hackers don’t generally leak data or bring down systems. But a gray-hat hacker might illegally search a private system for vulnerabilities, then contact the owner and offer to fix a previously unknown issue — for a hefty fee. A gray-hat hacker may also engage in unethical behavior if they see the potential to benefit the common good. For example, some sources suggest the professional hackers who helped the FBI crack a San Bernardino terrorist’s iPhone back in 2016 were gray hats.
What’s the difference between a hacker and a cybercriminal?
Cybercriminals are people who use computers or the internet to commit crimes. Both black- and gray-hat hackers may break the law, effectively becoming cybercriminals. All 50 states have computer crime laws governing the damage or disruption of computer systems.
Just as there are many ways to break these laws, there are many faces of cybercriminals. Some are petty thieves: lone wolves who steal information for financial gain. On the other end of the spectrum, there are organized crime groups who use the internet to buy and sell illegal goods — think weapons and drugs — or broker unlawful services. Corporations may break the law by engaging in cyber espionage, while nation-states have been known to hire cybercriminals to spy on other governments, steal information, or otherwise engage in cyber warfare.
What about identity thieves?
There’s a lot that goes into categorizing different types of hackers, but the terms hacker, cybercriminal, and identity thief are often used interchangeably — and inaccurately.
Identity thieves use stolen personal information, such as your name, birth date, and Social Security number, for illicit personal gain. An identity thief might open a new line of credit, take out a loan, or even receive medical services using your name.
Identity theft can happen without a computer, like when someone applies for a job in-person — using your Social Security number. But identity theft is increasingly carried out on the internet. As companies continue to track and store our information, our digital footprints grow — and unfortunately, those data trails can become fodder for fraudsters.
In 2018 alone, 14.4 million people were victims of some type of identity theft. If you happen to be one of them, you know it can be incredibly difficult to untangle the mess and reclaim your records. As a result, consumers are rightly worried: InfoArmor’s Data Privacy and Consumer Expectations report shows that 75 percent of American consumers are more concerned about malicious hackers accessing their data than they are about companies tracking and storing their information.
While we can’t always control what happens to our data, we can be vigilant about protecting our identities, both online and in the physical world.
How can I protect my data?
If you’re a PrivacyArmor Plus member, you can feel good knowing there are a number of protections in place to help you if your information does fall into the wrong hands, whether the breach is caused by a cybercriminal, identity thief, or a plain old accident.
To up your protections, log in to the portal and switch on dark web monitoring. This helps our bots and human-intelligence operatives help you. Once you enter your login credentials, passwords, and IP addresses, we can notify you of their potential exposure on the dark web, where hackers may find your information and then sell it to identity thieves. Once you’ve logged on, you can also link financial and social accounts for us to monitor, and refresh your VantageScore 3.0 credit score or lock your TransUnion credit report. Experts recommend checking your credit scores and reports regularly. Often, this is where evidence of identity theft may appear.
While you’re in the portal, you can also up your offline defenses. With our lost wallet protection feature, you can securely store key details, such as your driver’s license number, to make the recovery process go much smoother if your goods are ever lost or stolen in the physical world.
You can’t stop cybercriminals and identity thieves from operating. But with PrivacyArmor Plus, you’ll have a holistic, multi-faceted approach to your data protection, not to mention a team of Privacy Advocates available to help with round-the-clock remediation and alerts that spurn immediate action should you ever become a target. Doesn’t it feel good to be proactive?