As long as there has been computer technology, individuals have sought to test the limits. The first computer virus, The Morris Worm, was little more than a young adult testing the boundaries of communication. In later interviews with (Morris name), he has often commented of his surprise at the results from his worm. Morris and others testing the boundaries is given the moniker “hacker," their mens rea is not malicious they simply seek to test, identify and communicate weaknesses in technology systems. The hacker label contrasts with "cracker" who seeks to discover weaknesses for personal or financial gain and is certainly malicious. Newer to the world of hackers and crackers is the certified ethical hacker. The EC-Council, responsible for the certified ethical hacker certification, distances itself from both labels and the negative connotations associated. This document will offer a comparison of crackers, hackers and the certified ethical hacker.
The term hacker is said to have evolved out of MIT’s computer culture when the Tech Model Railroad Club hacked model trains to make them run faster. As Universities across the country embraced the hacker concept they remained isolated until the first year of ARPAnet in 1969, “the first transcontinental, high-speed computer network” ("Early Hackers," n.d., para. 3). For better or for worse, hacker has had quite a public history; it is the preferred label describing all activities from security research through credit card theft. For this reason, true hackers consider themselves “interested in the arcane and recondite workings of any computer operating system…Hackers constantly seek further knowledge, freely share what they have discovered, and never intentionally damage data.” ("Difference between hackers and crackers," n.d., para. 5) This definition is the overriding sentiment in the information security community; hackers often translate into security researchers testing the boundaries of items looking for the weaknesses always with an eye on responsible disclosure of any security vulnerability or issue identified. Hackers also promote responsible disclosure of security issues and while some may skim the edge of legality; many try to uphold ethical standards. To further clarify, cracker came out of the hacker community to distinguish those who hack programs to make them better as opposed to crackers who do it for personal gain.
The distinction between the hackers and crackers may seem trivial but to those security researchers seeking to improve the efficacy of hardware and software the chasm is wide. Crackers will use any tool in their arsenal to further their profit including software reverse engineering, social engineering and vulnerability research. Kevin Mitnick was a preeminent social engineering cracker the FBI chased for years. While many are familiar with the story of Frank Abagnale Jr. from the movie Catch Me If You Can, Kevin Mitnick is equally as interesting. He has co-authored multiple books on his arrests, background and information security advice. Mitnick hacked NORAD in 1982 which inspired the 1983 movie Wargames. (Christensen, 1999) While many believe hackers and crackers are similar, and both operate outside the law, certainly crackers are black hats but hackers run the gamut from white to gray to black hat.
A newer entry to hacking is the EC-Council Certified Ethical Hacker. The EC-Council began after the September 11, 2001 attacks on the United States of America. This organization created a certification for individuals to work as certified ethical hackers, CEH; meaning these individuals work for companies to provide hacking against their environment, at their request, proactively discovering vulnerabilities or security gaps. The information provided by CEH individuals allows the company to address issues prior to their discovery in the wild. The certified ethical hacker is very different from a cracker as they are contracted to perform the hacking work and will require signed permission slips from their clients. While the hacker and cracker operate in shades of gray and black, a CEH is a white hat hacker believing “To beat a hacker, you need to think like one!” ("Certified Ethical Hacker," n.d., para. 1)
From the illegal black hat cracker to the borderline legal actions of hackers and the white hat security assessments of a CEH, the methods used may be similar, but the goals, motivation and results vary wildly. A self-proclaimed hacker, Adrian Lamo, found security vulnerabilities in several systems including MCI WorldCom issues with the core Internet. He disclosed the issues to MCI and with his help they were able to fix the systems. Lamo also hacked into the New York Times, however when he disclosed to them; they had him arrested. While he did attempt to provide some value to his targets, he also crossed the line and accessed email addresses of famous contributors to the paper. Understanding the roles covering the good, the bad and the ugly of hackers, crackers and certified ethical hackers can help a business deal with security consultants.

References
Certified ethical hacker. (n.d.). Retrieved from http://cert.eccouncil.org/certified-ethical-hacker.html
Christensen, J. (1999). The trials of Kevin Mitnick. Retrieved from http://www.cnn.com/SPECIALS/1999/mitnick.background/
The Early Hackers. (n.d.). Retrieved from http://www.catb.org/esr/writings/homesteading/hacker-history/ar01s02.html
The difference between hackers and crackers. (n.d.). Retrieved from http://searchenterprisedesktop.techtarget.com/tip/The-difference-between-hackers-and-crackers