Types of hackers
White hat hackers 
Tujuannya adalah untuk melindungi bisnis dan aset dari sebuah organisasi dari serangan luar
White hat hackers atau biasanya disebut dengan cybersecurity experts atau penetration testers yang tujuannya adalah menguji keamanan dari sistem informasi. White hat hacker menggunakan alat dan teknologi yang sama dalam masuk secara paksa kedalam sistem. Yang membedakannya adalah niat, tujuannya. Tujuannya adalah memperkuat ketahanan sistem dan melindungi sistem tersebut dari serangan luar.
Black hat hackers 
Tujuannya adalah menyerusuk sistem dengan tujuan yang jahat.
Black hat hacker bisanya identik dengan kriminal yang memliki motivasi untuk mengambil uang atau menyebabkan kerusakan ke seseorang ataupun institusi. Black hat hacker selalu berusahan menyembunyikan identitasnya. Biasanya meraka menggunakan pseudonyms untuk mengidentifikasi dirinya. Black hat hacker sangat sulit untuk deteksi pada sebuah sistem kecuali memang mereka sengaja menampilkan dirinya. Seringkali dan banyak dari black hat hacker tetap mempertahankan remote access ke target sistem tanpa pemilik sistem mengetahuinya
Gray hat hackers
Memliki motivasi kesenangan atau pembuktian diri.
The real world is not binary and neither are hackers. Gray hat refers to hackers that operate in somewhat muddy territory. They have the same skillset as white hat or black hat hackers; however, their motivation is usually not financial. Gray hat hackers like to play around with systems just for the sake of fun and enjoyment. Most of the time, they are harmless and even expose the system vulnerabilities to the people responsible. They break into the system just because they can.
Gray hat hackers also like to snoop around systems testing their strengths, and once they discover potential weaknesses, they usually notify the administrators and offer their services for correcting the issues with a service fee. This is a way for them to make money. The legality of this practice is questionable; however, for some, this is a way to earn a handsome amount of money.
As mentioned earlier, the boundary between gray hat hackers and black hat hackers is quite fuzzy. You should be very careful with it. A single mistake or miscalculation can cause significant issues. There is also the danger of gray hat hackers eventually crossing into black hat category.
Nation-state hackers
: Attacking the cyber assets of an enemy.
With the increased dependence of countries on computer-based systems, the need to both protect and attack cyber systems is becoming extremely important. With conventional means of warfare becoming more and more potent and limited in nature, the use of cyber warfare is gaining significance. Nation-state hackers is a term used for a team of hackers focused on damaging the cyber assets of an opposing country.
Take the example of the Stuxnet virus, which infected the Iranian nuclear facilities. Stuxnet was a very complicated malware that infected the Supervisory Control and Data Acquisition (SCADA) systems. SCADA systems are used for the monitoring and control of large-scale industrial systems. The virus exploited a vulnerability in the programmable logic controllers (PLCs) used in the facility. The malware was very discreet and only became active if the target system was the Iranian nuclear facility. Even though it infected a large chunk of computer systems, it mostly remained dormant and only activated itself when it reached its intended target. According to most researchers, the complexity of the attack indicated that it was not the job of some criminal organization but a team of highly specialized programmers requiring months of development. These types of resources are often only at the disposal of national-level hackers. Stuxnet took control of the centrifuge speed control signals and starting spinning centrifuges at such high speeds that it eventually led to a breakdown. Stuxnet also intercepted speed status messages going to the SCADA systems so it would make it seem like centrifuges were operating at normal speeds while in reality, they were spinning at far higher speeds. This made Stuxnet very hard to detect and it stayed undetected for quite some time, hampering the nuclear progress in the facility, before finally being detected in 2010.
Corporate spies
: To get a competitive edge.
A lot of business value of companies lies in the intellectual property (IP) they own. This intellectual property sometimes defines the worth of a company. In recent years, companies have been subject to corporate attacks, where attempts have been made to steal their intellectual property. With increased competitiveness in the business world, corporate espionage is becoming a daily occurrence. Companies are subject to attacks from corporate hackers, who aim to steal sensitive information, including intellectual property, business plans, patents, financial data, and customer data, to gain a competitive edge. These attacks can come from competitors directly or they can hire professional hackers for this purpose.
Hacktivists
: To make a political/social statement.
Hacktivist is a term combining the words activist and hacker. These types of attacks are usually carried out in order to make a political statement. The aim of these hackers is to make a call for social change or to bring attention to some issue. In contrast to black hat
hackers, who try to be as discreet as possible, hacktivists try to gain maximum attention while hiding their real identity. Their goal is to spread their message to the masses. In the majority of hacktivism cases, there is no financial motivation for the hackers. They use the same tools and techniques as other hackers. Hacktivism is the digital equivalent of a political protest. With changing political dynamics, politics is making inroads into the digital space and hacktivism provides a pathway for some people to make their statement.
Hacktivists use different methods to attract attention. Sometimes they disrupt services, for example, carrying out a DoS attack on a company or government website. Other times, they gain access to critical and sensitive information and leak this classified information to the public, causing significant embarrassment for the government or company. One of the major leaks in recent years is the WikiLeaks fiasco. One thing that should be noted here is that from a legal perspective, there is no difference between hacktivism and black hat hacking. Even if you are participating in some activity for a noble cause and you get caught, you will be tried for the same crimes as a black hat hacker. Therefore, a lot of hackers tend to stay anonymous and use pseudonyms for their activism.
One of the most famous hacking organizations associated with hacktivism is Anonymous.They have allegedly carried out numerous attacks against different governmental organizations to state their sympathy to a cause or opposition to certain legislation. Anonymous calls itself a decentralized organization with people coming together to support a common cause. They have often been dubbed as freedom fighters and the Robin Hood of the digital paradigm. The decentralized nature of this collective means that it has become very hard to crack down on it.
Script kiddies 
In cybersecurity spaces, the term script kiddie refers to beginner hackers who do not have in-depth knowledge about cybersecurity or hacking in general. They often tend to use prebuilt tools for hacking purposes much like a black box approach. They don't essentially know how the hacking tool works internally but they just use it. Script kiddies sometimes lack programming knowledge to build their own tools and rely on existing tools for hacking purposes. The term script kiddie comes from the fact that they use pre-built scripts or programs to carry out attacks. Script kiddies often acquire a hacking tool such as a reverse shell and deploy it by watching internet tutorials. Their goal is not to learn the process but the final objective, which is to take control of the target system. As long as the tool works, they are not interested in how it works.
A common mistake often made by cybersecurity professionals is to not take script kiddies seriously. A well-deployed attack even from a script kiddie can cause huge damage to the assets. For an attacker to carry out a successful attack, they do not have to know every detail of the script they are using. Just the right angle of attack is sufficient to carry out a successful attack. There are a huge number of tools available online both free and paid that could help someone to carry out attacks. There are hacking organizations that make these tools especially to sell them to script kiddies for carrying out attacks. So, do not think that someone with little knowledge about developing tools is not a threat. In fact, they are as much of a threat as an experienced hacker. The success of an attack depends on both the attacker as well as the tools used.