What is a Hacker?
During my experience in the cybersecurity industry — especially in client meetings — I’ve often encountered recurring confusion around concepts such as hacker, ethical hacker, cybercriminals, or threat actors.
5/13/2025 · 3 min read
To help clarify these terms, and based on different external sources, we’ll start by reviewing the definition of the term hacker, then compare it to ethical hacker and threat actor. We’ll go a bit deeper into what a threat actor is and share some conclusions and recommendations that could help you prevent incidents that negatively impact your business.
Hacker
According to the technology company Cisco, a hacker is:
“A person who breaks into a computer system. The reasons for hacking can be many: installing malware, stealing or destroying data, disrupting service, and more. Hacking can also be done for ethical reasons, such as trying to find software vulnerabilities so they can be fixed[1].”
From this definition, we can conclude that while there is a common trait—the ability to penetrate computer systems—there’s a big difference between the two types of hackers: those who use this ability for ethical purposes, and those who use it for malicious purposes. This duality gives the concept both a negative and positive connotation, which can easily lead to confusion.
Ethical Hacker
According to the prestigious cybersecurity technical certification body EC-Council, an ethical hacker is:
“A cybersecurity professional trained to identify and fix vulnerabilities in systems before malicious hackers can exploit them. They simulate real-world cyberattacks to assess risk and strengthen security posture[2].”
Similarly, the IT security company Imperva defines an ethical hacker (also known as a white hat hacker) as:
“An information security professional who has the same skills and uses the same technologies as a malicious hacker (black hat), to discover vulnerabilities and weaknesses in an organization’s systems[3].”
From both definitions, we understand that an ethical hacker is a certified professional who, at the request and with the authorization of an organization, proactively simulates cyberattacks to assess and improve security.
The second definition also introduces a key distinction by labeling ethical hackers as white hats, in contrast to black hat hackers—those who, according to EC-Council, “perform hacking to fulfill their selfish intentions to collect monetary benefits[4].”
Threat Actor
Separately, the conceptual framework provided by the University of Maryland in their course “Cybersecurity for Everyone” proposes replacing the term hacker with threat actor, a broader concept that accounts for additional considerations.
A threat actor can be an individual or an organization, motivated by a specific goal and limited by the resources available to them. Not all threat actors are the same in terms of structure, motivation, or capability.
In terms of structure, a threat actor could be a lone individual or an organized group.
In terms of motivation, they might act out of curiosity, a desire for reputation, financial gain, political activism, or even national security objectives.
In terms of capability, their tools and training vary widely—from a self-taught amateur learning through YouTube tutorials using free tools, to a highly trained individual working for a national defense agency with state-sponsored tools and resources[5].
Ethical Hacker vs. Threat Actor
As discussed earlier, while these two figures may seem similar at first, they differ greatly in purpose.
Threat actors seek to exploit vulnerabilities for selfish or malicious reasons.
Ethical hackers act with the permission and on behalf of an organization’s system administrator, working to proactively identify and remediate vulnerabilities before they can be exploited.
Conclusions & Recommendations
As noted at the beginning, hacker is an overly general term that can be confusing due to its dual (positive and negative) connotation. Therefore, we recommend distinguishing clearly between an ethical hacker and a threat actor when referring to positive and negative cybersecurity roles, respectively.
An ethical hacker is a certified cybersecurity professional. As such, we strongly recommend always requesting and verifying an ethical hacker’s certifications before engaging them for cybersecurity services.
As described earlier, the motivations and capabilities of threat actors vary widely. That means all organizations—even small ones—are at risk from potential “curious kids” who can break in and disrupt systems. This obliges all of us (not just large banks or corporations) to constantly evaluate our systems and proactively address any vulnerabilities.
Finally, if you’re interested in evaluating your organization’s security, contact us today and schedule a free security assessment. Our team of certified Ethical Hackers is ready to support your business.
[1] https://www.cisco.com/c/en/us/products/security/what-is-a-hacker.html
[2] https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/what-is-ethical-hacking/
[3] https://www.imperva.com/learn/application-security/ethical-hacking/
[4] https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/what-is-ethical-hacking/
[5] Course “Cybersecurity for Everyone”, Module 4, University of Maryland, College Park.