Why do hackers hack?

You wouldn’t need to look far in our IT Academy to notice our focus on cybersecurity topics, alerting businesses and organisations to the increasing prevalence of cybercrime.

But what motivates hackers to do what they do? In this article, we thought we’d take a different slant by looking at the reasons hackers do what they do.

Hackers cause distress to millions

Hackers use an array of means to access systems and these are all on the rise for business who are vulnerable. Various ransomware, including via spoofs, phishing emails and attachments, password cracking and vulnerabilities and unpatched software are all means by which hackers infiltrate systems, causing havoc and distress to millions of companies and individuals worldwide.

But perhaps by understanding a bit more about why hackers hack, it will enable us to understand how or why we might be vulnerable or a likely target, which in turn might lead us to take action.

What’s a hacker’s motivation?

We can’t claim to know the exact motivations for all hackers, which are many, and complex, but experts point to four most-common reasons why they do what they do.

1. Financial gain

Many hackers want money and are motivated purely by the financial gain. They can get money by stealing your password and gaining access to your bank account, by successful phishing attempts, or just by using your data, which they can sell on the dark web, or use it to extort money from you.

Although the average cost of a data breach in 2021 was around £4m, and it’s expected to rise, hackers will also target smaller amounts through lesser well-known, modest-sized businesses to escape press attention and security scrutiny.

2. Exploiting insider threats

Known to be an organisation’s greatest threat, are the threats that exist inside that organisation. An employee, partner, supplier or contractor can assist a threat in becoming a reality, even without knowing it. All of these people are internal to your organisation and to some extent have access to your data and systems.

If everyone uses the same password, if there is weak security, people inside the organisation will know this. And, one or more employees will have access to the account information of your core methods of protection: firewalls and antivirus. All these people are vulnerable to various phishing attempts persuading them to disclose information.

Security access needs to be with someone you trust one hundred percent and who is cybersecurity aware.

3. Revenge

A disgruntled employee may go out of their way to devise an effective attack. The situation, which is a real security threat for many organisations, prompts managers and HR professionals to think very carefully about how they handle employees who have grudges.

If they have access to your system, it’s conceivable they may use their access rights to seek revenge for the perceived wrong doing they feel they’ve been subject to. They may use their access to sell your information and data, or direct logins, for financial gain, or for a job opportunity.

Exit strategies for employees need to have security built in.

4. ‘Hacktivism’

Hacking is a way for some people to express their political and social opinions. From targeting political groups and religious organisations, to those corporation with known interests, and government bodies and representatives.

The prime means of hacking hacktivist use is DDoS (Distributed Denial of Service) and vulnerability scanners, which causes financial losses for targeted corporations, and is a malicious attack whereby a service is made temporarily or indefinitely unavailable.

Be aware

It’s crucial that businesses and organisations are aware of the prevalence of hackers and understanding the reasons why they do what they do, can give indications as to the remedial action needed.

For instance, exit strategies for employees, internal security, cybersecurity training for employees can all reduce the likelihood of an attack, or the severity if one should occur.

< Read more articles on our IT Academy