A grey hat (greyhat or gray hat) is a term used in computer security with a range of definitions and is derived from the concepts of "white hat" and "black hat" hackers.
The term was first used in print in the late 1990s, by the hacker group L0pht in a 1999 interview with The New York Times, to describe their hacking activities. The same article describes several members as black hat hackers, and a third party describes L0pht as white hat hackers. The phrase was used to describe hackers who support the ethical reporting of vulnerabilities directly to the software vendor, in contrast to the full disclosure practices that were prevalent in the white hat community that vulnerabilities not be disclosed outside of their group.
- Systemic Connect states that grey hat hackers, on discovering a vulnerability, will tell the hacker community as well as the company affected and then "watch the fallout."
- In 2008, the EFF defined grey hats as ethical security researchers who inadvertently or arguably violate the law in an effort to research and improve security. They advocate for computer offense laws that are clearer and more narrowly drawn.
Another definition of grey hat maintains that grey hat hackers only arguably violate the law in an effort to research and improve security: legality being set according to the particular ramifications of any hacks they participate in.
In the search engine optimization (SEO) community, grey hat hackers are those who manipulate websites' search engine rankings using means that are improper or unethical but are not considered search engine spam.
A 2021 research study looked into the psychological characteristics of individuals who participate in hacking in the workforce. The findings indicate that grey hat hackers typically go against authority, black hat hackers have a strong tendency toward thrill-seeking, and white hat hackers often exhibit narcissistic traits.
Examples
In April 2000, hackers known as "{}" and "Hardbeat" gained unauthorized access to Apache.org. They chose to alert the Apache crew to the problems rather than try to damage the Apache.org servers.
