Black Hat Hacker
A black hat or black-hat hacker is a malicious or criminal hacker. The term "hacker" is also commonly used as a synonym for "black hat hacker". However, in computer jargon, the meaning of "hacker" is much broader.
Usually a Black Hat refers to a person who keeps knowledge of the vulnerabilities and exploits they find secret for private advantage, not revealing them either to the general public or to the manufacturer for correction. Many Black Hats promote individual freedom and accessibility over privacy and security. Black Hats may seek to expand holes in systems; any attempts made to patch software are generally to prevent others from also compromising a system they have already obtained secure control over. A Black Hat hacker may have access to 0-day exploits (private software that exploits security vulnerabilities; 0-day exploits have not been distributed to the public). In the most extreme cases, Black Hats may work to cause damage maliciously, and/or make threats to do so for blackmail purposes.
Grey Hat Hacker
A grey hat is a skilled hacker who sometimes acts legally and in good will and sometimes not. They are a hybrid between white and black hat hackers. They hack for no personal gain and do not have malicious intentions, but commit crimes.
White Hat Hacker
A white hat hacker, also rendered as whitehat or white-hat, is, in the realm of information technology, a person who is ethically opposed to the abuse of computer systems. Realizing that the Internet now represents human voices from all around the world makes the defense of its integrity an important pastime for many. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them, but this is a simplification. A black hat will wish to secure his own machine, and a white hat might need to break into a black hat's machine in the course of an investigation. What exactly differentiates white hats and black hats is open to interpretation, but white hats tend to cite altruistic motivations.
Ethical Hacker
An ethical hacker is a computer and network expert who attacks a security
system on behalf of its owners, seeking vulnerabilities that a malicious hacker
could exploit. To test a security system, ethical hackers use the same methods
as their less principled counterparts, but report problems instead of taking
advantage of them. Ethical hacking is also known as penetration testing,
intrusion testing, and red teaming. An ethical hacker is sometimes called a
white hat, a term that comes from old Western movies, where the "good guy" wore
a white hat and the "bad guy" wore a black hat.
One of the first examples of ethical hackers at work was in the 1970s, when the
United States government used groups of experts called red teams to hack its own
computer systems. According to Ed Skoudis, Vice President of Security Strategy
for Predictive Systems' Global Integrity consulting practice, ethical hacking
has continued to grow in an otherwise lackluster IT industry, and is becoming
increasingly common outside the government and technology sectors where it
began. Many large companies, such as IBM, maintain employee teams of ethical
hackers.
In a similar but distinct category, a hacktivist is more of a vigilante:
detecting, sometimes reporting (and sometimes exploiting) security
vulnerabilities as a form of social activism.