Un logotipo azul y blanco para una herramienta de gestión de redes sociales llamada Socialionals.

Sombrero gris

Compartir
" Volver al índice del glosario

Grey Hat is a term that first emerged in 1996, primarily used in the realm of seguridad informática[1] and hacking. It has been repeatedly interpreted and reinterpreted by an array of hacker groups and communities over time. A grey hat hacker is recognized for their practices that, while ethical, may sometimes border on the legally dubious. They frequently uncover and reveal security flaws, thereby encouraging enhancements in cybersecurity. These grey hat methods also find their place in the field of Search Engine Optimization (SEO), where they denote tactics that, although not strictly prohibited, might still be deemed unethical. The grey hat community is a varied one, disseminating knowledge across different platforms and wrestling with the moral consequences of their actions. It’s crucial to note that while grey hat practices may contribute to progress in security, they should be counterbalanced with a regard for privacy rights.

Definición de términos
1. seguridad informática. La ciberseguridad, también denominada seguridad informática, es un área especializada centrada en la protección de los sistemas informáticos, las redes y los datos frente a las amenazas digitales. El objetivo de estas amenazas suele ser obtener acceso no autorizado, modificar o destruir datos sensibles, interrumpir las operaciones comerciales habituales o aprovechar las debilidades del sistema con fines dañinos. Las amenazas y ataques cibernéticos pueden adoptar muchas formas, como el malware, el phishing y los ataques de denegación de servicio, entre otros. Para contrarrestar estas amenazas, se aplican estrategias de seguridad como la codificación segura, el control de acceso, los cortafuegos y la protección del hardware. Dado el panorama siempre cambiante de las ciberamenazas, es crucial actualizar periódicamente estas estrategias de seguridad. Los datos y las tendencias de este sector ponen de relieve la importancia de aplicar medidas de ciberseguridad sólidas para evitar brechas de seguridad potencialmente costosas y perjudiciales.
Sombrero gris (Wikipedia)

A sombrero gris (greyhat o gray hat) es una computer hacker o seguridad informática expert who may sometimes violate laws or typical ethical standards, but usually does not have the malicious intent typical of a sombrero negro hacker.

The term came into use in the late 1990s, and was derived from the concepts of "sombrero blanco" y "sombrero negro" hackers. When a white hat hacker discovers a vulnerability, they will exploit it only with permission and not divulge its existence until it has been fixed, whereas the black hat will illegally exploit it and/or tell others how to do so. The grey hat will neither illegally exploit it, nor tell others how to do so.

A further difference among these types of hacker lies in their methods of discovering vulnerabilities. The white hat breaks into systems and networks at the request of their employer or with explicit permission for the purpose of determining how secure it is against hackers, whereas the black hat will break into any system or network in order to uncover sensitive information for personal gain. The grey hat generally has the skills and intent of the white hat but may break into any system or network without permission.

According to one definition of a grey-hat hacker, when they discover a vulnerability, instead of telling the vendor how the exploit works, they may offer to repair it for a small fee. When one gains illegal access to a system or network, they may suggest to the system administrator that one of their friends be hired to fix the problem; however, this practice has been declining due to the increasing willingness of businesses to prosecute. Another definition of grey hat maintains that grey hat hackers only arguably violate the law in an effort to research and improve security: legality being set according to the particular ramifications of any hacks they participate in.

En el optimización de motores de búsqueda (SEO) community, grey hat hackers are those who manipulate websites' search engine rankings using improper or unethical means but that are not considered search engine spam.

A recent research study looked into the psicológico characteristics of individuals that participate in hacking in the workforce. The findings indicate that grey hat hackers typically go against authority, black hat hackers have a strong tendency toward thrill-seeking, and white hat hackers often exhibit narcissistic traits.

" Volver al índice del glosario
es_ESEspañol