Hacktivism, Ethical Hacking and Grey Hats: Between Protection, Protest and Crime

4. February, 2025

The ability to understand, exploit, manipulate and secure IT systems is becoming increasingly important in our increasingly digital world. By 2025, the global cost of cybercrime is expected to reach approximately $10.5 trillion annually [1] – a clear indicator of the growing importance of cybersecurity and hacking skills.

Hackers are typically associated with cybercrime, but hacking skills can also be used for constructive and positive purposes.

What do hackers do?

Hackers are people who use technical knowledge and skills to analyse, manipulate or modify computer systems, networks or software. They gather information about systems and security measures, use social engineering tactics, exploit vulnerabilities in software or hardware, write scripts or programs for attacks or security testing, and analyse software or systems to understand how they work.

Depending on their motivation and ethnicity, this can take different forms, ranging from protection to attack.

Black Hats: Cybercriminals in action

Black hat hackers have criminal intentions such as theft, destruction or extortion. They use their skills to infiltrate systems, steal sensitive data or encrypt it for ransom.

Typical methods used by criminal hackers – also known as ‘black hats’ – include malware development, phishing attacks, data leakage and denial of service attacks. Cybercrime has a serious impact on individuals, businesses and even entire nations. The focus is on financial gain or deliberate damage to targets, with no regard for ethical principles.

Unlike hacktivists, cybercriminals do not have an ideological agenda, but act out of self-interest or criminal energy. An example of this is the use of ransomware, as in the famous attack on pipeline company Colonial Pipeline in 2021, in which cyber criminals extorted a large ransom payment by crippling critical infrastructure.

Hacktivism: hacking as protest

Combining the words ‘hacking’ and ‘activism’, hacktivism has social, societal or political goals. Hacktivists use their technical skills to draw attention to injustices, expose abuses of power or promote social change. Their actions are often directed against governments, large corporations or other institutions that they perceive as corrupt or immoral. In doing so, they often push the boundaries of legality, leading to intense debate about the ethical implications of their actions.

Typical goals of hacktivism include promoting transparency, exposing abuses of power, and resisting censorship or secrecy. The methods used by hacktivists range from DDoS attacks, in which websites are brought down by flooding them with requests, to defacing websites to spread messages, to publishing confidential information.

Hacktivists usually operate in a legal grey area or are clearly illegal, making hacktivism a controversial topic. One of the best-known groups to emerge from hacktivism is Anonymous. The loose association of many participants has attracted worldwide attention through attacks on institutions and organisations. Platforms such as WikiLeaks [5] also show how hacktivism can be used to reveal secret information and initiate social debate.

Ethical Hacking: hacking for security

Ethical hacking has emerged as an essential component of cyber security strategies. The aim is to proactively identify vulnerabilities and minimise attack surfaces before they can be exploited by cyber criminals.

Ethical hackers – also known as white hat hackers – operate clearly within a legal and ethical framework. Their techniques are similar to those of cybercriminals, but their goal is the opposite: ethical hackers use their skills to test IT systems, networks and applications to identify vulnerabilities and improve security. They work with the explicit consent of the organisation in question.

The most common methods used by the experts include penetration testing, which aims to discover security weaknesses, and social engineering, which aims to identify human weaknesses.

This approach has long since become a recognised profession. Certifications such as Certified Ethical Hacker (CEH) [2] or Offensive Security Certified Professional (OSCP) [3] allow professionals to demonstrate their skills. Organisations are increasingly recognising the importance of ethical hacking as a key part of their security strategy and are investing in training and policies.

Grey Hats: between good and bad

Grey hat hackers operate in a grey area between the clearly defined roles of white and black hat hackers. They often act without authorisation, but their intentions are not criminal. A well-known example is the case of a grey hat hacker who discovered vulnerabilities in the security systems of a municipal water company in 2019 and reported them anonymously, preventing a potential attack. [4]

Typically, grey hats look for vulnerabilities in IT systems without being asked and either report them to the responsible parties or publish them to stimulate security discussions. They generally do not pursue financial or destructive goals.

Unlike ethical hackers, grey hats act without explicit consent, but with similar goals: to improve system security. In some respects, their actions are similar to those of hacktivists, as they use technical skills and often operate in legal grey areas. The key difference lies in the motivation: while hacktivists are driven by ideological or political goals, grey hats usually act out of curiosity, a need for recognition, or the challenge of finding vulnerabilities.

Nevertheless, both groups contribute to the public debate on the ethical and legal boundaries of hacking.

White Hats, Grey Hats, and Black Hats: Similarities and Differences

Despite their different purposes, ethical hacking, hacktivism, grey hats and cybercrime are based on similar technical foundations. They all use the same tools and methods, such as network scanners, vulnerability analysis tools and exploit frameworks, to identify vulnerabilities or manipulate systems. However, the key difference lies in their motivations and the consequences of their actions:

Ethical hacking focuses on protection and security within clear legal boundaries.
Hacktivism uses hacking as a tool for protest and political goals, often operating in legal gray areas.
Grey hats frequently navigate between legal and illegal actions, typically acting without permission but without malicious intent.
Black hats are cyber criminals with selfish or destructive goals.

Conclusion: Ethics, Technology, and Power in Cyberculture

The world of hacking is diverse and complex. What unites hackers is their deep understanding of the strengths and weaknesses of various technologies and systems. However, they differ significantly in their motivations and goals, which range from proactively improving cybersecurity and protecting systems (Ethical Hacking), to the ideological use of technical skills to promote social or political causes (Hacktivism), to criminal activities such as data theft, extortion, and destruction (Cybercrime). In between operate Grey Hats, who often act without permission but primarily aim to improve cybersecurity or uncover vulnerabilities.

These different approaches highlight the power and responsibility that come with technical skills. Whether as an IT security expert or an activist, today’s technically skilled individuals are shaping the world of tomorrow through their actions. They influence not only the security of businesses and governments but also society’s trust in digital technologies.