What is the difference between black, white and gray hat hackers?

Not all hackers are inherently evil. In the mainstream media, the word “hacker” is often used to point out cybercriminals. However, a hacker can actually mean anyone, regardless of their intentions, who utilise their computer software and hardware knowledge to break down and evade security measures on a computer, device, or network.


Hacking itself is not an illegal activity unless the hacker compromises a system without the owner’s permission or uses the skill to perform illicit activities. Even companies and government agencies employ hackers to help them secure their systems.

Generally, hackers are categorised into three types of metaphorical “hats”: “white hat”, “grey hat”, and “black hat”. The terms were derived from old spaghetti westerns, where the bad guy wears a black cowboy hat and the good guy wears a white hat.

Two main factors determine the type of hacker you’re dealing with: their motivations, and whether they’re breaking the law or not. To understand more vastly, we must compare these hackers and conclude what separates them from one another—more about that below.

different types hackers and what do they mean

Black Hat Hackers

What are black hat hackers? In simple terms, cybercriminals who use their ability to compromise computers and networks for profit or revenge are known as black hat hackers. Like all hackers, black hat hackers usually have extensive knowledge about breaking into computer networks and bypassing security protocols. They are also responsible for creating and spreading malware, famously known as malicious software used to access these systems.

Their main motivation for these hackers is usually for personal or financial gain, but they can also be involved in cyber spying, protest, or perhaps are just addicted to the thrill of wreaking havoc into people’s lives. Black hat hackers can range from amateurs getting their feet wet by spreading viruses to experienced hackers that aim to steal data, specifically financial information, personal information, and login credentials. Not only do black hat hackers seek to steal data, but they also seek to modify or destroy data as well.

Some of these hackers might also be trained by criminal organisations for larger crime targets, such as hijacking a banking institution, government systems, or any other companies that could be used as profit-gaining tools. In addition, they are often capable of managing high-security breaches, phishing techniques, and similar hacking specialities.1 These types of “Job Forums” are usually applied by criminal-minded software engineers through the dark web with the intention of earning quick money.

White Hat Hackers

Similarly specialised individuals, white hat hackers choose to use their powers for good rather than malicious purposes. Also known as “ethical hackers,” white hat hackers can sometimes be paid employees, contractors working for companies as security specialists, or even the governments attempting to find security holes via hacking.

White hat hackers employ the same hacking methods as black hats, with one exception- they do it with permission from the system owner first, which makes the process completely legal. White hat hackers perform penetration testing, test in-place security systems, and perform vulnerability assessments for companies. Simply, these hackers are assigned the task of identifying security holes and filling those gaps to prevent further damage.

Recently, “bug bounty programs” have been in effect, which is offered to a variety of software and hardware specialising individuals worldwide by large companies and websites to find bugs in their system and rewarding them once they identify such system flaws. There are even courses, training, conferences, and certifications for ethical hacking.

Grey Hat Hackers

As in life, there are grey areas that are neither black nor white. Grey hat hackers are somewhere in between both black and white hat hackers, who often will look for vulnerabilities in a system without the owner’s permission or knowledge, but not essentially with evil intentions. If issues are found, they will report them to the owner, sometimes requesting a small fee to fix the problem. If the owner does not respond or comply, the hackers will sometimes post the newly found exploit online for the world to see.

These types of hackers are not inherently malicious with their intents; they’re just looking to get something out of their discoveries for themselves. Usually, grey hat hackers will not exploit the found vulnerabilities but rather inform the associated company about the flaw initially. However, it is still not legal to perform these types of hacking because the hacker did not receive permission from the owner before attacking the system.

Although the word hacker tends to evoke negative implications when referred to, it is essential to remember that not all hackers are equally nefarious. Portions of these hackers are somewhat necessary in terms of securing systems and properly conducting computing services. For example, if we didn’t have white hat hackers diligently seeking out threats and vulnerabilities before the black hats can find them, there would probably massive activities involving cybercriminals exploiting vulnerabilities and collecting sensitive data than there are now.


Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.