What is ethical hacking? White hat hackers explained

Not all hackers are motivated by greed – some of them use their powers for good

Hackers may have a bad reputation as fraudsters, cyber criminals and thieves, but that’s not strictly fair. While there are a substantial amount of people out there using their hacking talents for nefarious ends, many people also use their skills positively. These people are known as ‘ethical hackers’, and they’re an integral part of the cyber security community.

Black hats, grey hats and white hats

Within the cyber security community, hackers are divided into three camps – ‘black hat’ hackers, ‘grey hat’ hackers and ‘white hat’ hackers. Black hats hack their targets for self-serving reasons, such as financial gain, for revenge or simply to spread havoc.

White hat hackers, by contrast, actually aim to improve security, finding security holes and notifying the victim so they have an opportunity to fix it before a less-scrupulous hacker exploits it. Grey hats sit somewhere between the two camps, often conducting slightly more morally questionable operations, such as hacking groups that they are ideologically opposed to, or launching hacktivist protests. White hat and grey hat hackers can both be defined as ‘ethical’ hackers.

How do ethical hackers make money?

Black hat hackers generally earn their money through theft, fraud, extortion and other nefarious means. Ethical hackers, on the other hand, are quite often employed by cyber security companies, or within the security departments of larger organisations. The fact that they know how attackers operate often gives them a valuable insight into how to prevent attacks.

Another way that ethical hackers can earn a living is through collecting ‘bug bounties’. Large companies, particularly tech firms like Facebook, Microsoft and Google, offer a reward to researchers or hackers who discover security holes within their networks or services. This encourages them to report these holes, allowing them to be fixed before they can be found by criminals.

What motivates ethical hackers?

Most hackers are motivated by curiosity, and ethical hackers are no exception. They’re often motivated by a desire to see what makes things tick, poking around in security systems just for the challenge of finding a way around them. Responsibly reporting their findings is the best way to indulge this desire whilst also staying on the right side of the law.

Many are also driven by a genuine desire to make the world more private and more secure. Exposing flaws in widely-used services and applications means that they’re less likely to be used to harm innocent people.

How do I become an ethical hacker?

If you’re a hacker that wants to become a white hat, the good news is that you’re already halfway there. Ethical hacking is more a state of mind than anything else; a desire to use talents for good, as opposed to evil. If you’d rather use your hacking talents to improve the world’s security than to line your own pockets, you’re well on your way to becoming an ethical hacker.

In terms of practicalities, the best way to get started with ethical hacking is to just start exploring. Poke around in sites, follow your curiosity and see what you can uncover – if you find any security issues, report them to the appropriate organisations.