” Hacker attacks on the Bundestag”, “Protect your data from hackers “, “Hackers infect computers and smartphones “: Whenever there is talk of illegal activity around computers, smartphones , the Internet or now also industrial plants, there is talk of “hackers”. At best, however, which is roughly simplified, is simply wrong in cases of doubt. Because in the examples above, another, less technical-sounding term is much more accurate: criminals. Or: cyber criminals. After all, it’s about legal violations.
The term ” hacker ” was originally meant for something completely different than cyber- breakers. It describes people who analyze equipment and software with enthusiasm for technology . So break down products and software developed by other people into their components to understand how they work. Sometimes even the “inventors” of the Internet are referred to as hackers because they searched for and developed new ways to communicate better with each other. The focus is always on creativity and thirst for knowledge, and not on enriching at the expense of others. Because the term hacker had little to do with IT security issues until the 1990s.
Since then, hackers have been mentioned very often when it comes to IT security. But even if you make this restriction, the general term ” hacker ” is too imprecise. Well-meaning hackers – often referred to as ” White Hats ” in the style of US black and white US Westerns – improve the security and reliability of products such as software applications, operating systems, telephones and even cars. There is hardly an IT product that hackers do not contribute to the security of – with and without payment.
White hats or ” ethical hackers ” (meaning “responsible hackers”) often turn their talent into money. For example, as a penetration tester. In other words, as experts who track down security gaps in their networks or software on behalf of companies . Or by having the vulnerabilities remunerated for vulnerabilities (bugs) found in software and online services. Such bug rewards programs have been commonplace with US companies for several years. White hats use their knowledge without harming third parties. For some years now there have been internationally recognized certificates with which ” Ethical Hacker“can prove their knowledge and positive attitude.
Criminal hackers – or ” black hats ” – use the knowledge they have gained to infect systems with malware and thus illegally loot money. Regardless of whether it concerns usernames and passwords, credit card data, information from company networks or access to systems infected with malware: criminals can loot all these points. They use human and technical vulnerabilities to reach their destination with criminal energy. The attackers do not always work for their own account: Black hats that spy on government agencies and companies in other countries in the service of governments do so for a fee from the client. Just like spies in the physical world.
There is gray between black and white. Gray Hatsdon’t ask permission before hacking. If you discover weaknesses, you often publish them freely accessible on the Internet without giving the manufacturer and the security officers enough time to prepare. This exposes the user of the product to an increased risk with the vulnerability, since the information can also be misused by attackers. For example, the attack by politically motivated perpetrators, visible in February 2017, was based on information from US President Donald Trump’s website, which was published in October 2014 in a blog without any specific reference to the politician’s website.
Hacktivists also sit between the chairs. They are often politically motivated or want to use their actions to serve the public good or to demand and promote freedom of expression. But they also often use illegal means and also affect bystanders. The most well-known hacktivist group is likely to be Anonymous. In addition to various politically motivated hacks, Anonymous became known for attacks on child pornography providers – and in the process published the names of users of these servers . Such an online preacher is an act of self-justice and can have significant negative consequences for those affected. Especially since it takes place outside of a regulated legal process.
Impact on the user
On the one hand, private Internet users benefit from hackers ( white hats ). On the other hand, they or their data may become victims of Black Hats. Just like in the physical world, the technical talent of individuals can provide more security – or be used for criminal purposes.