Document

Aside from the authorized and unauthorized hackers, there is another type of hacker that is a blend of both. These types of hackers are commonly called grey-hat hackers. Grey-hat hackers are individuals who exploit security vulnerabilities to spread public awareness that the vulnerability exists. While these hackers do not share the malicious intent commonly attributed to unauthorized hackers, they also don’t necessarily adhere to a code of ethics like authorized hackers.

Grey-hat hackers may opt to reveal the security vulnerability privately to the company or manufacturer without publicizing the results. However, many grey-hat hackers will publicly exploit the vulnerability found in hardware or software programs without manufacturer permission to raise awareness of the problem.

A common concern within the cybersecurity industry is that when a grey hat releases an exploit, it makes it easier for malicious hackers to steal information and data from systems. For instance, a group of grey-hat hackers identified and released a security gap in several models of Linux routers. This release resulted in updates for companies and individuals, allowing for closing that security gap. However, the exposure may have also resulted in many attacks on individuals and organizations because the exploit was released publicly.

Grey-Hat Hackers