The types of hackers, both the good and the bad, seen most in 2025

First off, why do people hack? 

When most people think of a hacker, they think of a person head down over a laptop, hood over their head, looking mysterious and stealthy.  

But that’s not usually the case. Hackers are often a part of bigger projects, groups, or even nation states, and their reasons for doing what they do can range from financial to political. Understanding why hackers hack is the key to stopping them.

Financial gain

Many hackers are motivated by money. They may steal credit card numbers, credentials, or other sensitive information to sell as a broker to the highest bidder on the dark web or use in further attacks. Ransomware is often used to extort organisations, a growing approach for threat actors is to do both, this can be called a double extorsion. This is the most common motive among cyber criminals and is typically associated with malicious hackers.

Political or social causes (Hacktivism)

Hacktivists they use cyber crime as a form of protest or activism. They target government sites, large corporations, or institutions they see as unethical. Their goal is to raise awareness, disrupt services, or leak sensitive information to support a political or social agenda.

State-sponsored attacks

State-sponsored threat actors or corporate spies infiltrate networks to gather intelligence or steal proprietary data. This form of hacking is often long-term and highly targeted, aiming to gain political, military, or economic advantages over rivals.

Ethical hacking

Ethical hackers hack systems with permission to identify and fix vulnerabilities. They help organisations improve their cyber security and prevent malicious attacks. This ethical form of hacking is essential for organisations to stay on top of cyber security and is often carried out by penetration testers or security consultants. 

Types of hackers

Ethical hackers

• Intent: good
• What they do: use their skills to find and fix security vulnerabilities before malicious hackers can exploit them
• Work for: organisations, security firms, or independently as penetration testers or cyber security consultants
• Legal?: yes with agreed scope

Malicious hacker

• Intent: malicious
• What they do: break into systems to steal data, disrupt services, install malware, or profit illegally
• Examples: cyber criminals, ransomware groups, state sponsored groups
• Legal?: no

Grey Hat Hackers

• Intent: mixed
• What they do: may break into systems without permission but don’t have malicious intent, often to expose vulnerabilities or highlight flaws
• Legal?: usually illegal, even if intentions are good

Script Kiddies

• Intent: disruptive or mischievous
• What they do: use pre-made hacking tools and scripts without fully understanding how they work
• Skill level: low
• Motivation: fun or minor to major disruption

Hacktivists

• Intent: political or social
• What they do: hack to promote a cause or expose injustice, e.g., leaking documents or taking down websites in protest
• Examples: anonymous
• Legal?: typically illegal

State-Sponsored Hackers

• Intent: political, military, or economic gain
• What they do: work for governments to conduct espionage, disrupt infrastructure, or steal intellectual property
• Highly skilled and often well-funded
• Examples: Salt Typhoon, Lazarus, APT31

Insider threats

• Intent: varied (revenge, profit, error)
• What they do: individuals within an organisation who misuse their access, either maliciously or unintentionally
• Examples: disgruntled or careless employees

By understanding the different types of hackers and why they perform these attacks, you’ll be better prepared for potential threats. Whether it’s strengthening internal security, conducting regular risk assessments, or staying informed about new tactics, awareness is the first step towards better cyber resilience.