Real Hackers Are Not Evil

The term “hacker” has been used loosely by the news media and in popular culture to refer to people who break into computers and do nasty things on networks.  Nothing could be farther from the truth.

So what is a “hacker” actually.  Last year, I attained a high level security certification that qualifies me as a “Certified Ethical Hacker.”  So I guess that means I might be a hacker.  I can assure you that I am not engaged in any sort of cyber crime; quite the contrary, I am actively engaged in the battle to protect my clients from the dark side of the Internet.

In my own writings, I am careful to identify these computer evil-doers with terms such as cyber-criminal, cyber-thief, spammer, con-men, and extortionist.  They are criminals, pure and simple.  I never refer to them as hackers.

So what is a true hacker anyway?  Well I was reminded of this topic when I read Peter Herzog’s recent article “The Awesome Truth About Hackers.”  He is affiliated with the Institute for Security and Open Methodologies (ISECOM).  Peter says that hackers are:

motivated, resourceful, and creative. They get deeply into how things work, to the point that they know how to take control of them and change them into something else. This lets them re-think even big ideas because they can really dig to the bottom of how things function.

Peter’s article is definitely worth the read if you are one of the curious ones, and especially if you are considering or just starting an information technology career.

This article reminded me of the web sites of Eric S Raymond, which I read through several times when I was getting into the world of computers and networks, and really drove my passion for technology.  Two of his web sites cover this topic in detail.  They are “How To Become A Hacker” and “A Brief History of Hackerdom.”  Eric writes:

There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you’re a hacker.

The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in.

There is another group of people who loudly call themselves hackers, but aren’t. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn’t make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.

The basic difference is this: hackers build things, crackers break them.

So what is a hacker?  A hacker is driven by an unquenchable curiosity, and needs to know the how and why of things, and hopes to understand well enough to make them better, more useful, more available, and wants to have fun in the process. If you have made it this far in this article, then maybe you are a hacker too.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.