Are all hackers criminals?


Not all hackers are created equal. The terms ‘hacker’ and ‘cyber criminal’ seem to be used interchangeably in online media which is both misleading and reductive. A cybercriminal uses online means to profit from illegal activity regardless of the cost to its many victims. Hacker is a blanket term that doesn’t allow for much differentiation between those who hack for good and those who hack for evil. Many hackers hack for profit. But not all hack to profit from online crime.

In the US, western films between the 1920s and 40s contrasted heroes and villains with the use of black hats (villains) and white hats (heroes). This term has been adopted to define classes of hacker. There are essentially four kinds of hackers; black hat, white hat, grey hat and hacktivists. The key to distinguishing between them lies with the permission to hack.

Black Hats

Black-hat hackers, or simply ‘black hats,’ are the type of hacker that violate computer security for personal gain. Examples of this include stealing credit cards numbers or mining for personal data to be sold to identity thieves. An example of just how lucrative this can be made the headlines recently when a hacker offered over 650,000 patient records for sale on the dark web; a class of different locations online that are hidden from public search engines and regular internet users. The data, stolen from various medical institutions, included names, addresses and social security numbers. The perpetrator will likely make close to USD$800,000.

Black hat hackers are online criminals who hack without permission for illegal financial or personal gain. Some simply hack for revenge or to prove that they can. The term ‘black hat’ is also used in everyday tech language to describe any kind of person or activity that is considered underhanded or somewhat dodgy, such as SEO black hats who drain website traffic and sell it back to the site owner.

Grey Hats

As in life, between black and white there are various shades of grey. A grey-hat hacker falls in the space between a black hat and a white hat. A grey hat doesn’t work for their own personal gain or to cause damage, but their actions may technically be illegal. A grey hat hacker does not ask permission to hack. If a flaw is found a grey hat may reveal the flaw to an organisation privately, enabling them to fix it. Sometimes, however, a grey hat may reveal the flaw publicly which is not necessarily malicious but exposes organisations to black hats who can and will exploit the vulnerability.


Under the same umbrella as grey hats, hacktivists hack systems as a form of political protest. Anonymous, perhaps the most notorious hacktivists blur the lines of good and bad, always hacking without permission but for what they believe is the greater good. Anonymous have gained a lot of exposure for their Robin Hood type takedowns, such as the hacking and shutting down of child porn sites. They took it one step further however when they leaked the names of visitors to these sites.

When Michael Brown was shot by a police officer in Ferguson on August 9, 2014, Anonymous intervened, collecting evidence to expose Brown’s killer in the name of justice. However, after collating all the data they had collected, Anonymous came to the incorrect conclusion and released the name of an innocent man.

Another attempt to seek justice saw Anonymous leak details of thousands of Bay Area Rapid Transport (BART) users. The hack was in retaliation for BART shutting down cell service during a protest to stop activists communicating with each other. Many innocent personal users were caught in the crossfire and had their personal information leaked online.

Though their intentions are good, the means of hacktivists are illegal and the outcome often display mixed results. Additionally, the key objective of a hacktivist is to hack without permission to further a political cause.


White Hats

White hats hack with permission in what can be a lucrative industry for the highly skilled. Looking for vulnerabilities in companies, hackers are hired to find bugs and alert developers or companies so that they can be resolved. White hats often work for profit but don’t gain from the exploitation of others.

HackerOne is a company founded by two twenty-five year old hackers who discovered a vulnerability in their university’s grading system. After the university was alerted, and the boys were paid handsomely, they founded a business based on the idea that companies will play good money to be informed of breach points before black hats do.

Ethical Hackers are certified by a means of an exam involving penetration tests, whereby hackers seen to penetrate networks and computer systems with the purpose of finding and fixing any vulnerable access points they encounter. While unauthorized hacking, black hat hacking, is illegal, testing that is authorised by an organisation is not.

At Emsisoft, we invite ethical white hat hackers to put our software to the test. We’re keen to improve our products continuously, as we all know such a thing as perfect code doesn’t exist.


So, as you can see, not all hackers are the same. The key is the permission to hack and the means of receiving any kind of gain from found vulnerabilities.
A grey hat does not ask for permission but has no intention to cause harm or damage though their means may be illegal. A white hat is hired and permitted to do his work. A black hat is not.

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Have a great (malware-free day!)

Senan Conrad

Senan Conrad

Senan specializes in giving readers insight into the constantly and rapidly changing world of cybersecurity. When he’s not tapping away at his keyboard, he enjoys drinking a good coffee or tinkering in his workshop.

What to read next