Hacking takes many forms in Web-Programming
"Hacker attacks on the Bundestag", "Protect your data from hackers", "Hackers infect computers and smartphones": Whenever there is talk of illegal activity around computers, smartphones, the Internet, or, in the meantime, industrial plants, it is "Hackers". What is presented in a very simplified way at best, but simply wrong in case of doubt? Because in the above examples, another, less technical-sounding term is much more accurate: criminals. Or also: cybercriminals. After all, it's about legal violations.
The term "hacker" originally stood for something completely different from cybercriminals. It describes people who analyze equipment and software with a passion for technology. So break down products and software developed by other people into their parts to understand how they work. Sometimes even the "inventors" of the Internet are referred to as hackers because they looked for and developed new ways to better communicate with each other. The focus is always on creativity and the thirst for knowledge, and not enrichment at the expense of others. Because the term hacker had little to do with IT security issues until the 1990s.
Hacker types
White hats
Since then, hackers have been mentioned very often when it comes to IT security. But even if you make this restriction, the blanket term "hacker" is too imprecise. Well-meaning hackers - often called "white hats" based on US westerns of the black and white era - improve the security and reliability of products such as software applications, operating systems, telephones, or even cars with their work. There is hardly an IT product that hackers do not contribute to its security - with and without payment.
White hats or "ethical hackers" (meaning "responsible hackers") now often turn their talent into money. For example as a penetration tester. In other words, as experts who detect security gaps in their networks or software on behalf of companies. Or by being rewarded for vulnerabilities (bugs) found in software and online services from the providers concerned. Such bug rewards programs have been common among US companies for several years. White hats use their knowledge without harming third parties. For some years now there have also been internationally recognized certificates with which "ethical hackers" can prove their knowledge and positive attitude.
Black hats
Criminal hackers - or "black hats" - misuse the knowledge they have gained to infect systems with malware and thus illegally steal money. Regardless of whether it is about user names and passwords, credit card details, information from company networks, or access to systems infected with the malware: Criminals can prey on all of these points. They use human and technical weaknesses to reach their goal with criminal energy. The attackers do not always work on their own account: Black hats, who spy on authorities and companies in other countries on behalf of governments, do so for payment by the client. Just like spies in the physical world.
Gray hats
Between black and white is gray. "Gray hats" do not necessarily want to cause harm with their activities, but sometimes use illegal methods to do so. Because gray hats do not ask permission from those affected before the hack. If they discover vulnerabilities, they often publish them freely accessible on the Internet, without giving the manufacturer and security officers sufficient time to prepare. This exposes the user of the product the vulnerability to an increased risk, as the information can also be misused by attackers. The attack by politically motivated perpetrators on the website of US President Donald Trump, which was visible in February 2017, was based on information published in a blog in October 2014 without specific reference to the politician's website.
Hacktivists
Hacktivists also sit between the chairs. They are often politically motivated or, for example, want to serve the public good with their actions or demand and promote freedom of expression. In doing so, however, they often use illegal means and also harm bystanders. The most famous hacktivist group is probably Anonymous. In addition to various politically motivated hacks, Anonymous became known for attacks on child pornography providers - and in this context published the names of users of these servers. Such an online pillory is an act of vigilante justice and can have significant negative consequences for those affected. Especially since it takes place outside of a regulated judicial process.
Effects on the user
On the one hand, private internet users benefit from hackers (white hats). On the other hand, they or their data can become victims of Black Hats. Just like in the physical world, the technical talent of individuals can provide more security - or be misused for criminal purposes.