Presentation is loading. Please wait.

Presentation is loading. Please wait.

Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?

Similar presentations


Presentation on theme: "Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?"— Presentation transcript:

1 Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?

2 In your groups… Have a chat about what you think the difference is between black, white and grey hat hackers.

3 Black Hat Hackers Black hat hackers/black hats are the type of hacker most often mentioned in the media. They break into computers for personal gain (e.g. to steal credit card numbers). They break into computers for malicious reasons (e.g. using a botnet they've created to perform DDoS attacks on websites they don't like). If they found a zero day, they would sell it to criminal organisations on the black market or use it to compromise computer systems.

4 Zero Day A Zero Day is a weakness in a website that the owners don’t know about yet. They can allow black hats to do serious damage.

5 White hat hackers White hat : the opposite of black hat hackers: 'ethical hackers'. Experts who use their abilities for good, ethical and legal purposes. They break into computers because they have permission to find weaknesses. Instead of using their access to steal or vandalise, the white hat reports back to the organisation and helps them improve their defenses (penetration testing). If they found a zero day, they would tell the developer, allowing them to patch their product and improve its security before it's compromised. Organisations often pay 'bounties' to white hats for their work.

6 Grey hat hackers Fall somewhere between a black hat and a white hat. Don't work for their own gain or to cause carnage but may technically commit crimes and do arguably unethical things. Might attempt to break into a computer system without permission then inform the organisation afterwards, allowing them to fix the problem. Grey hats might not use their access for bad purposes but they still compromise cyber security without permission, which is illegal. If a grey hat discovered a security flaw, they might try to sell it to the organisation or might disclose it to the public; it's difficult to know.

7 1) You guess someone’s password for their iCloud account and you purchase some apps using their account details. 4) You discover a vulnerability on your school’s website that allows you to change all your report grades to As. You change your grades. 7) Your friend leaves their account unlocked and you send an pretending to be them. 2) You guess your friend’s Facebook password and sign into their account but you tell them what you’ve done. 5) You find a zero day on Twitter that allows you to post as someone else and you post the zero day on one of Twitter’s public forums. 8) Your friend shows you their new facial recognition feature on their phone and you demonstrate how you can use a photo of them to gain access. 3) Your school gives you permission to use your cyber skills to search for weaknesses in the school system. You report back what you find and don’t tell anyone else. 6) You have a bet with your friend that you can hack into their account and when you do it you immediately log out and tell them. 9) After leaving school, you get a job as a pen tester.

8 1) You guess someone’s password for their iCloud account and you purchase some apps using their account details. 4) You discover a vulnerability on your school’s website that allows you to change all your report grades to As. You change your grades. 7) Your friend leaves their account unlocked and you send an pretending to be them. 2) You guess your friend’s Facebook password and sign into their account but you tell them what you’ve done. 5) You find a zero day on Twitter that allows you to post as someone else and you post it on one of Twitter’s public forums. 8) Your friend shows you their new facial recognition feature on their phone and you demonstrate how you can use a photo of them to gain access. 3) Your school gives you permission to use your cyber skills to search for weaknesses in the school system. You report back what you find and don’t tell anyone else. 6) You have a bet with your friend that you can hack into their account and when you do it you immediately log out and tell them. 9) After leaving school, you get a job as a pen tester. BLACK GREY WHITE


Download ppt "Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?"

Similar presentations


Ads by Google