Security awareness

The psychological profile of a hacker with emphasis on security awareness

Penny Hoelscher
February 5, 2019 by
Penny Hoelscher

The term “hacker” is a little vague.

For instance, it is usually derogatory when actually there are “good” hackers too, ethical hackers whose job it is to find system and network vulnerabilities. According to Tech Worm, Steve Jobs and Steve Wozniak were hackers before founding Apple. In their youth, they hacked into telephone networks to make free calls.

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

There are also enough user-friendly, open-source hacking tools on the Internet that nuisance hackers can master quite easily. This type of hacker is called a green hat or script kiddie.

And there are hackers who are motivated by love (or loss of it), money and ideology.

In this article, we will look at the motivations of different hacker types, and at how hacker profiling and breach forensics can help organizations beef up their cybersecurity and increase security awareness.    

15 hacker types – The good, the bad and the ugly

Hackers can be divided into several types. Their motives vary widely, from the terrorist hacker wanting to save the planet to the script kiddie wanting to destroy their ex-spouse. Here are fifteen of the best-known families of hackers.

  1. Gray hats: Aligned somewhere between the black hats and white hats, these hackers are not bent on destruction or in the game for personal gain. Nevertheless, they operate unethically. They typically find a security flaw in an organization and then disclose the vulnerability publicly.  
  2. Black hats: The stereotypical cybercriminal, aka “cracker.”
  3. Blue Teams: Not strictly hackers in the conventional sense, Blue Teams consist of ethical hackers (white hats and sometimes gray hats)  working to defeat attackers and secure the organization's environment. Blue and Red Teams often work together.
  4. Red Teams: A team of ethical hackers acting as though they are black hats by pretending they are criminals trying to break into the organization.
  5. Script kiddies: These hacker wannabes are usually low-skilled, but they can be a menace to individuals they target to harass or whose lives they try to infiltrate.
  6. Spy hackers: Involved in corporate espionage.
  7. Cyberterrorists: Bent on causing mayhem and creating fear, and the most likely to cause physical death and destruction.
  8. Hacktivists: Motivated by a cause, e.g., politics, ideology or religion.
  9. Cyber-mercenaries: Third-party hackers for hire.
  10. State-sponsored hackers: Subsidized or supported by a government agency, or even government agencies themselves.
  11. Organized crime: Much like a digital mafia and usually in the game for financial gain.
  12. Malicious insiders: Internals and whistle blowers, often with an axe to grind.
  13. White hats: Hackers who have authorization to attempt to breach a system.

Social engineering is a technique often used by hackers to breach a target. This kind of hacker uses a variety of psychological methods to manipulate people into giving up confidential information, which the hacker can use to breach security defenses.

8 reasons we need to profile hackers

Capture the enemy in the cross-hairs

  1. Understanding hackers’ motivations and traits can help an organization to identify their potential enemies. For example: Could we be a potential target for a terrorist hacker trying to score political points by breaching the security defenses of an international conglomerate?
  2. Forensic analysis of breaches or attempted breaches can identify the type of hacker, and potentially even pinpoint the group or individual responsible. Hackers often have a signature style, e.g., a particular way of coding, a preferred point of entry. For example: Was the breach perpetrated by a nosy script kiddie or an experienced black hat with an axe to grind?

Ideate new security strategies

  1. Armed with this knowledge, organizations can devise realistic attack scenarios against which to arm themselves. For example: Are our employees aware of how social engineering attacks work?
  2. Understanding the criminal mind behind an incident can help to analyze the magnitude of a threat and how to resolve it. For example: Was the hack a once-off by an opportunist or a concerted effort by digital terrorists to bring an organization to its knees?
  3. Understanding a hacker’s motivation can be used to turn the tables on criminals by setting up traps called honey pots to lure and catch them, deceive them into attempted breaches of data without value or deflect them.

Harden defenses

  1. Knowing the different personality types can help companies implement practices to secure themselves against unexpected attacks, e.g., a script kiddie versus a spy hacker. For example: Do we have intellectual property attractive to a rival company?
  2. Psychological insight into the motivation behind cybercrime keeps an organization aware of the attack possibilities from within and outside the company. This encourages vigilance, incentivizes companies to educate staff about security and keeps security policies updated and relevant. For example: Consider the simple motivation of revenge in response to a perception of having been wronged or slighted. If a staff member is fired, security must have a strict policy to ensure he or she is stripped of all network privileges before they even leave the building.
  3. Awareness of social engineering techniques and trolling can protect employees on social media and from attempted cyber-attacks like email phishing.

2 practical ways to use common personality traits to thwart hackers

In a Science Publishing Group study — Hacker Personality Profiles Reviewed in Terms of the Big Five Personality Traits researchers interviewed six black-hat, gray-hat and white-hat hackers (two of each) to identify the predominance of the five main personality traits: extraversion, agreeableness, openness to experience, conscientiousness and neuroticism.

Hacker type Extraversion Agreeableness Openness to experience Conscientiousness Neuroticism

Black hat Medium Medium High Medium Medium

White hat Medium High Medium Medium Medium

Gray hat Medium Medium Medium Medium High

Personality trait research summary (Source: Science Publishing Group)

How can awareness of cybercriminals’ personality traits help us to combat crime?

  • Openness to experience: Hackers love a challenge. For instance, some of the biggest brands in the world offer bug bounties to hackers who can breach their security. Honey pot systems can be used as a decoy to trap criminals before they can breach a company’s real network. TrapX develops deception software “creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.” According to WikiLeaks, CEO Carl Wright said if Sony Pictures had utilized their decoy software, the command issued by cybercriminals to destroy infrastructural data would have been detected and circumvented.
  • Neuroticism: According to 123 Test: “Neuroticism is similar but not identical to being neurotic in the Freudian sense.” The concept of neuroticism is closely akin to that of emotional stability. People with low emotional stability tend to be “emotionally reactive.” Some studies have shown that neuroticism may be linked to cyberbullying. Certain language use, e.g., on social media, can identify neurotic-related text, which could help identify scams in much the same way email filters strip spam from a user’s inbox.


Let two real hackers have the last word on security awareness

It may be that hackers tend to exhibit certain stereotypical traits or personality disorders, but not all people with these traits are hackers. If agreeableness or neuroticism were marks of a criminal, prisons the world over wouldn’t be enough to contain society’s so-called deviants.

According to black-hat Adam: “I think it is incredibly important for security experts to have open dialogues with the blackhat community. It’s not at all dissimilar to police officers talking with drug dealers on a regular basis as part of their job: if you don’t know your adversary you are almost certainly doomed to failure.”

The hacker community, to a large extent, mirrors normal commercial society. On the Deep Web, criminals can go shopping for hacker kits, employ cheap labor to perform the menial task of sending out phishing emails or rent botnets to steal credit card details. It’s called Fraud-as-a-Service (FaaS). Just as law enforcement in the non-digital world uses profiling to catch criminals, so can cybersecurity professionals use forensics and profiling to catch hackers, who, when shopping, dating and eating out, look just like you and me.

Davide Del Vecchio, an Italian ethical hacker, says: "Entrepreneurs that don't invest in security will be wiped out, and soon, we'll see the first person die because of a cyber attack. Today, everything is linked to the Internet: from gas plants to bypasses inserted in people's hearts. All it takes is a little bit of imagination."

Get six free posters

Get six free posters

Reinforce cybersecurity best practices with six eye-catching posters found in our free poster kit from our award-winning series, Work Bytes.


Penny Hoelscher
Penny Hoelscher

Penny Hoelscher has a degree in Journalism. She worked as a programmer on legacy projects for a number of years before combining her passion for writing and IT to become a technical writer.