Hacked: How To Identify Who You’re Up Against

Updated January 9, 2024
8 min read
Hacked: How To Identify Who You’re Up Against


Businesses today are investing in advanced technologies to help detect hackers and secure their information. Behind every cybersecurity attack is a motivation, and it is that motivation that drives why and how the attack is carried out.

It's important to know how to identify a hacker. There are three types of hackers: white hat hackers, black hat hackers, and gray hat hackers, which can be identified based on the level of permission they have from the system owner and their motivation behind the conduct. Having the type of hacker detected allows security specialists to create a strategy for data protection.

Black Hat Attacks

Knowing how to spot a hacker and differentiate a bad one from a good one is a valuable skill in today's digital society, where cyber threats are steadily increasing. What separates black hat hackers from the other two types of hackers is that these individuals did not obtain permission from the system(s) owner, and they hack for personal and/or financial gain.

Well-versed in their knowledge of computer security, these hackers diagnose the system, penetrate it, and exploit it with the wrong intention, trying to get access to systems where they do not have authorized entry. Upon gaining access, these individuals often steal, modify, and/or destroy data. 

The malicious nature of their attack and the unauthorized access to systems make the conduct criminal and illegal. 

An example of this is Kevin Mitnick, who is (in)famous for the millions of dollars of data he stole from telecom companies and the national defense warning system in the 1990s. He first received national attention in 1982 when he hacked into the North American Defense Command (NORAD), which inspired the 1983 film War Games. During the 1980s, Mitnick gained temporary control of three telephone offices in New York City and all the phone switching centers in California. 

Nonetheless, black hat hackers should stay alert for "red hat hackers." These individuals utilize cyberattack strategies to combat the unethical or illicit activities of black hat hackers. Their methods can encompass a range of actions, such as implanting malware in systems run by unethical hackers, orchestrating DDoS attacks, and even deploying tools to secure remote access to the offending hacker's computer, with the aim to render it inoperative.

In other words, they take the wrong path to do the right thing, like a Robin Hood of cybersecurity.

White Hat Attacks

White hat hackers or ethical hackers are individuals who are hacking with permission from the owner of the system(s). Often, companies and governments will hire them as consultants to help prepare contingency plans to get ready for attacks.

These hackers also help companies comply with security guidelines and protocols, including laws like HIPAA, PCI DSS, and GDPR.

These types of hackers help enterprises, governments, and/or companies create defenses, detect vulnerabilities, and fix those issues before other cybercriminals find them and exploit them. 

In identifying the weaknesses and fixing them to avoid attacks from external sources, white hat hackers work per rules and regulations set by the system owner — most often, the government.

However, in the process of testing and securing, they often come across personal data. To ensure the ethical collection, use, and protection of this data, it's imperative for such professionals to use a data collection consent form.

So, what are the key motivations:

  • Finding and fixing vulnerabilities in the system before black hat hackers exploit them.

  • Develop tools for hack detection and mitigate or block hackers.

  • Enhance the comprehensive protection stance of both the software and hardware elements. Develop protective software such as antivirus programs, defense against malware and spyware, honeypots, firewalls, and others.

An example of this is the 2021 Poly Network attack, where hackers stole over $600 million worth of cryptocurrency assets from the DeFi platform, only to return the funds the following day, explaining they did it for fun and to teach a lesson.

Gray Hat Attacks

The gray hat hacker mimics certain traits of the black hat hacker and white hat hacker. While they are not certified hackers, they can operate with either good or bad intentions.

So, what are the key motivations to look for here?

These hackers make hack attempts, sometimes charging a fee to:

  • Address system errors or weaknesses.

  • Enhance the institution's defense mechanisms against security threats.

  • Offer suggestions, strategies, or instruments for rectifying system vulnerabilities.

The key question in today's digital era is often not just about how to detect a hacker but also about how to prevent unauthorized access in the first place. Some hackers release information about vulnerabilities to the public once they are patched, but in many cases, they will reach out to affected companies before publicizing that information. In the event a company doesn't respond or act quickly enough, the hacker may choose to disclose the information publicly. 


As businesses invest in advanced technologies to safeguard their information, understanding the motivations behind cybersecurity attacks becomes crucial for identifying hackers. Three types of hackers exist: black hat hackers who engage in unauthorized and criminal activities, white hat hackers who work ethically with permission to enhance security, and gray hat hackers whose intentions can vary. To prevent unauthorized access and data breaches, it is essential to use only reliable sources. Such companies value the security and confidentiality of their users' information, employ robust encryption and security measures to safeguard sensitive data, and strictly adhere to GDPR compliance and handle personal data with the highest standards of protection. 

Article by
Andrew Rossow
AR Media Consulting

Andrew Rossow is a Legal Contributor at Lawrina. He is a practicing attorney, adjunct law professor, writer, and speaker on cybersecurity, digital monies, and privacy. Using his millennial upbringing, Rossow provides a well-rounded perspective on the legal and technology implications Bitcoin brings to consumer finance. His work has been featured on Bloomberg News, Cheddar, CoinTelegraph, Law360, and numerous others. You can follow him on Twitter at @RossowEsq or visit his website AR Media Consulting.