Let’s categorize hackers!

Let’s categorize hackers!

Traditionally, we acknowledge types of hackers based on the purpose of their job.

The well-known categories are black hat and white hat hackers. Black hat hackers are those who steal data for criminal purposes. This type of hacker is the one that media mentions as criminals. They violate computers, system, and network for their own personal gain, mostly for financial reasons. On the other side, there is the white hat hacker. White hat refers to hackers that use their expertise with the initial permission of the systems/network owner. These hackers are usually employed by organizations or companies who are eager to check their network security. Last but not least, there are always people in the gray area. These people are in the gray hat hacker category, where they compromise the security system without initial permission but at the end offer to fix these security holes.

However, it is actually not as simple as black, white, or gray. In life, people have different purposes in things they do. It is important to look more details of why hackers do their job. Is it financial reason, popularity gain, or business purposes? Understanding the motivation of hackers will help to understand more how we can protect our systems.

Based on Roger Grimes, a security adviser for years, based on the action they take and background motivation, hackers are able to be grouped into seven categories:

The cyber criminals

This is might be the biggest group of hackers with the main purpose of stealing money. They use malware, manipulation techniques, fake programs, stealing technique in order to achieve financial gain.

Spammer and adware spreaders

We sometimes will not put these people as hackers. However, these hackers use illegal advertising method to promote others or their own products. This is very common on online industry. How often do you see an advertisement with slimming pills promotion?

Corporate spies

People who are paid in order to gain specific intellectual properties of other company belong to this category. This is usually a short-term action and will stop when they get what they need. With the presence of internet, these corporate spying activities can be done anywhere anytime.

APT – Advance Persistence Thread – agents

Unlike corporate spy, APT is more organized and usually well-funded. It has a long-term purpose of stealing certain intellectual properties from other companies. They go on-site and usually want to duplicate ideas and re-produce it.

Cyber warriors

The word warrior is used as this is an intruder group with an objective to disable opponent’s military capabilities. This group is usually for “war” between countries.


Many people acts based on their ideology and belief. This is what happened to hacktivist. They content based on their personal belief with the purpose of weaken their opponent.

Rogue hackers

These hackers do their action in order to prove their skills. Although they may have financial benefit from their action, the main purpose is to gain popularity and self-esteem. Unlike other groups, they do not really care about their opponents but their ego’s.

To understand the main purpose of hackers will determine general ideas on how they do their works. Different groups usually perform different actions. For example, APT agents will want to be involved in all sector of your organization, especially research and strategically things. On the other hand, corporate spies might try to approach your employee to gain important access.

To take sometimes to analyze why intruder want to be in our networks and/or organization allows us to make proper precautions.