Passing the CompTIA Security+ certification exam with confidence
Understand computer security, its functions, and its components
Performing basic security configurations
Become an effective security technician in a business environment
-: Hackers. There are five types of hackers that you have to recognize for the Security+ exam. They are white hats, black hats, gray hats, blue hats, and elite. A White Hat hacker is someone who is non-malicious. This is somebody who is going to attempt to break into a company at their request. In fact, the white hats are either on the payroll of the company or they're contracted to do this as a service. We also refer to these as ethical hackers or penetration testers. They are highly professional and they use open source tools and their own tool kits to try and break into a company and test their defenses. Black hats on the other hand are malicious. These are the bad guys. These are malicious hackers who try to break into computer systems and networks without anybody's authorization or permission. This is the person that Hollywood likes to portray. They always portray them as somebody in a black hoodie in a darkly lit room hacking away at three in the morning. This may or may not be the case but the concept remains the same. These are the bad guys, these are the people trying to break into our networks and trying to steal our information. Or they're trying to get money out of us as a ransom to get our information back. Now between a white hat and black hat, we have something known as a gray hat. A gray hat is a hacker without any affiliation to a company. They attempt to break into a network and they risk breaking the law by doing it. Now the difference between a gray hat and a black hat is that a black hat has malicious intent. A gray hat doesn't necessarily have that. They may just want to be trying to hack into a company to see if they can do it. They don't want to cause any harm to the company, but instead a black hat, if he was doing it, would be trying to do it to steal their data, delete their data and hold it for ransom or other things. Now, when we look at gray hats, gray hats are still breaking the law because they are not the ones who are asked to come in and break into those networks and so they are on the bad side of things. But they're also a lot of times kind of a good guy, because a lot of times they'll break into a company and then turn around and say, "hey Facebook, I broke into your network and here is how I did it. Go patch that vulnerability." That's why they're kind of white and kind of black, they are in the middle, that's why they're gray. But again they are on the breaking the law side because nobody has asked them to come in. The fourth type of hacker we have is known as a blue hat hacker. A blue hat hacker is that person who is attempting to hack into a company's network with their permission but they're not employed by the company. So this might be somebody who is essentially a freelance ethical hacker or a freelance penetration tester. Where as a white hat was actually hired and paid for and contracted by the company, a blue hat on the other hand isn't. They may be doing this as part of something like a bug bounty program where they allow anybody to participate and find the vulnerabilities in their systems. In fact, a lot of companies now are registering with a company called Hacker One which is a central repository for bug bounty programs. Blue hat hackers can go to Hacker One and register themselves and then they select the companies that they want to target. By doing this, they now have permission to target those companies within a guided set of rules of engagement that Hacker One provides. And if they are able to find a vulnerability or a way in, they can report it back to the company and the company has agreed to pay them a bounty -: some amount of money based on what they found. This is basically allowing companies to get a large pool of ethical hackers constantly going after their websites for a very low cost. Instead of having to hire these people directly, they only have to pay them if they find an error. The final category is what we call Elite. Elite hackers are those who find and exploit vulnerabilities before anyone else does. These people are the ones who create their own tools. They do their own programming and they're the ones who are going to develop the tools that pretty much everyone else, white hats and black hats, are going to end up using. Now is an elite hacker a good guy or bad guy? Is he a white hat or a black hat? Well, they can be both depending on who they are. What has been found is that elite hackers represent a very small minority of hackers. One out of 10,000 are considered to be an elite hacker. And so these people, if they have evil intentions and they are malicious in nature we would categorize them as a black hat, elite hacker. But if they are a penetration tester and they are working on the side of good, they might be a white hat elite hacker. And so elite doesn't reference whether they are good or bad, instead it references the skill level of the attacker. Now, all the way on the other side we have what's called a Script kiddie. A Script kiddie is as far away as you can get from a lead. This is somebody who uses everybody else's tools and they might not even know what they are doing with them. They're just running programs to see if they can hack something. That's what a script kiddie does. Elite is all the way on the other side. These are the best of the best and highly professional. Script kiddies are the babies of the bunch.