• CERT Admin
  • Sun Sep 29 2019
  • Cyber Guardian Blog



In modern world everything is based on information systems and poor software quality may adversely affect application security by increasing the potential for a malicious breach of a system and hacking is identifying and exploiting weakness in computer system and or computer networks. 

The person engaged in hacking activities is known as hacker and hacker may alter system, application or network security features to accomplish a goal that differs from original purpose of that system. Cybercrime is committing a crime with the aid of computing/information technology infrastructure and there are types of hackers who belongs to cybercrimes and some are legal. This paper will discuss about what is hacking and who are the hacker, categories, legality specially concepts and phrases of hacking and furthermore methodologies, maintain and control. 


In cyber security world, the person who is able to discover weakness in a system and manages to exploit it to accomplish their goal can have referred as a Hacker and that process can have referred as Hacking. As an example, using password cracking algorithm to gain access to a system. In now days computing infrastructure have become mandatory to run a successful business as well as for many useful personal works and it is not enough to be an isolated computer system; they need to be connected to computer network such as internet to facilitate communication with external businesses. 


What is Hacking? 

During the 1990s, the term “Hacker” originally denoted, and it is art of exploring the hidden things that are being hidden from general usage and finding loopholes and use them to benefit the others. In other way hacking is simply identifying weakness in networks or computing systems to exploit its weakness to gain access. 


Who is Hacker? 

Hacker can describe as an individual who uses computing and networking skills to overcome a technical problem and often refers to a person who uses his or her abilities to gain access to unauthorized systems or network in order to commit crimes. b. Types of hackers 

Hackers can classify according to the intent of their actions. The types of hackers often referred to as wearing colored ‘hats’ with each have different implication for the target. 


Ethical Hacker (White Hat) 

A white hat hacker is computer security professional and they do not have any malicious intent whenever they break into security systems. White hat hacker probably has deep knowledge about computer and network security. 


Cracker (Black Hat) 

A black hat hacker can know as hacker who gains unauthorized access to computer systems and their intent is usually malicious, steal data and violate privacy rights. And they use their knowledge for unethical activities. 


Grey Hat 

A hacker who is between ethical and unethical hackers are known as grey hat hackers. Grey hat hackers usually hack systems without proper permissions form system administrators of the network but they will expose the networks vulnerabilities to the 


What is Ethical Hacking? 

Information is the most valuable assets in modern world keeping that information secure can protect the privacy. Keeping the data and information safe is very difficult at this present time and that’s where the role of the ethical hacker becomes valuable. 

Ethical hacking is identifying weakness in computer systems and come up with countermeasures that protects the weakness of the system. Ethical hackers must follow the following some rules before they breach into system. 

• Get written permission from the owner of the system. 

• Protect the privacy of the system/organization 

• Report all identified weakness and vulnerabilities to system owner or administrator 

• Inform hardware and software vendors about identified weaknesses 




Ashen Udayanga 

Ashen is an undergraduate of Sri Lanka Institute of Information Technology, Faculty of Computing who is currently following Bachelor of Science Honors degree specializing in Cyber Security, currently, he is working as an Intern - Information Security Engineer at Sri Lanka CERT|CC  

Last updated: Sun Sep 29 2019