White hat hackers recently popped into the news on Monday when attorneys for a private investigator from Louisiana named Jordan Hamlett used, as his defence, that he was acting as a “white hat hacker” when he tried to use President Trump’s Social Security information to gain access to his tax returns.
Hamlett claims he tried to access IRS servers six times “out of sheer curiosity” to check the security of the government office’s website security. He also cited past instances in which he has helped other organizations by acting as a white hat hacker on their behalf.
So what is a white hat hacker, anyway?
A white-hat hacker is a computer hacker who uses his skills for ethical, constructive purposes instead of theft, destruction or exploitation. Most often, they’re computer-security specialists who are hired to break into computer systems to expose vulnerabilities in the systems and make them stronger. They find malicious (black-hat) hackers’ most likely ways in, before the hackers do.
According to an August 2017 report by CBS News, many white-hat hackers are located in India. One of the world’s best white-hat hackers, Sandeep Singh, nicknamed “Geekboy,” told CBS he had been hired by companies such as Microsoft, Facebook, Twitter, Uber and AirBnb to break into their systems and help them patch weak spots. The companies pay handsomely for the help. “How much I make in one day, my friends make in one year,” said Singh.
“Gray-hat hackers” are specialists who alternate between doing white-hat and black-hat tasks.
There are even white-hat hacker conferences, such as HackerOne, held in Las Vegas, where white-hat hackers compete in penetrating the systems of cooperating companies for prizes.
Yes, actually, white hat hackers can help the government a lot
White-hat hackers will likely be key to upgrading the vulnerable U.S. voting infrastructure. In October 2017, after reports that Russian hackers attempted to breach voting systems in 21 states during the 2016 election, the annual DefCon hosted a Voting Machine Hacking Village to inform the computer-security industry about vulnerabilities in voting systems and to get them involved in fixing them. White-hat hackers were set loose on five different voting machines to see how quickly they could be breached. They cracked into the first one in about 90 minutes. “This software just isn’t up to modern standards. It’s not even as strongly protected as a PC,” said one security expert.
In late November, the UK’s National Health Service announced it was hiring white-hat hackers to prevent another WannaCry, a widespread ransomware attack that crippled health-care providers’ systems. On Tuesday, the Singapore government invited white-hat hackers to break into its defense ministry’s systems, offering bounties to hackers who were able to do so.