Cybersecurity and issues related to hackers, malware, and ransomware are becoming so commonplace across so many sectors that it would be impossible for the media to report on every incident. The recent high profile hacks of utility providers, the Colonial Pipeline, and Solarwinds have garnered national attention, and the need for robust cybersecurity reform has become less an issue of personal identity theft and inconvenience and one of grave national security.
Who are these people who work to penetrate networks, steal data, or otherwise cause disruption? What is it that motivates someone to bring a network to its knees? Here are the top five reasons that hackers hack.
1. Social justice and “Hacktivism”
People that use their skills as hackers to disrupt for ideological or social justice purposes are referred to as “hacktivists.” These hackers are motivated by political issues that they feel are unjust or require greater scrutiny. While most hacktivists operate anonymously, choosing to draw attention to their causes as opposed to themselves, others enjoy notoriety and brand name recognition.
The most well-known hacktivist group calls itself “Anonymous.” The group has claimed responsibility for well known attacks against the Church of Scientology and the Westboro Baptist Church for their views and actions regarding social issues. Anonymous has also engaged in many smaller attacks such as one against Florida’s Orlando Chamber of Commerce in retaliation for the city arresting individuals providing food to the homeless as well as widespread hacks and disruptions of police departments and other authoritative entities that the group has found to be counter to their sensibilities.
2. Hackers can make big money
It’s no secret that there is money to be made in successfully hacking a company or entity known to save valuable information. Some hackers collect this information and sell it online to those wishing to commit fraud by filing fake claims or charging stolen credit cards. Some may purchase the data in order to break into other networks or accounts, thereby accessing even more information.
Currently, ransomware has been the most popular choice for cybercriminals who wish to cash in on stolen data. In a ransomware attack, a hacker will paralyze a company or entity’s network. They will then demand a ransom in exchange for access to their system, threatening to release any sensitive data within if their terms are not met.
In the first quarter of 2021 alone, more than 290 enterprises have been attacked by ransomware gangs, bringing in over $45 million in payments. Recent notable ransomware attacks have been carried out against the Colonial Pipeline, and CNA Financial Corp.
3. State sponsored cyber warfare/espionage
Cyberspace, it used to be said, is the “battlefield of the future.” Current events pertaining to state-sponsored hacks and attacks by groups associated with government entities imply that the future is now.
With governments relying so heavily on information technology for both operation and communication, espionage has gone online. State-sponsored hackers from both Russia and China have been implicated in some of the biggest hacks on US-based companies. The ability to carry out crippling attacks against power grids, utility suppliers, media organizations, and food supply chains is now at the top of the list with regard to acts of war. Not only can these types of attacks have serious, sometimes deadly, consequences to civilians and government officials alike, but they demoralize the opponent by revealing weaknesses in their infrastructure.
Last year’s hack of SolarWinds is believed to have been orchestrated by hackers working on behalf of the Russian intelligence service. The intrusion allowed Russian spies to peruse through top level American government computer systems for months before the attack was discovered. Many experts feel that this attack, while effective, could quite possibly be a precursor to future attacks that are less focused on espionage and more so on disruption and damage.
4. Challenge and notoriety among other hackers
Another factor motivating hackers is ego.
The competitive spirit appears across all activities, and hacking is no different. Some hackers break into or disrupt networks that are known to be well-fortified for the sake of bragging rights or fame. Some hackers look to make a name for themselves by hacking the unhackable, or simply defacing websites or networks in order to gain notoriety.
While this motivation is not as malicious as intentionally looking to steal information, it is nonetheless destructive. Victims of this type of “sport” hacking are left to pick up the pieces in the same way as those hacked for their data.
5. Hackers out for revenge
Some hacks are carried out at the hands or behest of employees or disgruntled former employees. While these attacks are not a typical of hacks where security it overcome (because the employees have login credentials and administrative rights) they can be destructive.
Employees or contractors who feel that they have reason to cause harm to their employer may commit these attacks on their own, or they may give or sell login access to a third party.
What can be done about hackers?
Hackers come from many backgrounds, attack using different methods, and with a variety of motivations. They can all cause significant damage to their targets, are rarely caught, and are growing in both boldness and frequency.
Top levels of government and international banking institutions aren’t the only targets. In fact, one in five small businesses will fall victim to a cyberattack. Of those compromised, more than half are never able to recover.
Here are some cybersecurity steps you can take to help ensure your company is not an an easy target for hackers.
Keep everything up to date
Keep software, operating systems and hardware up to dat without breaking the budget by purchasing refurbished firewalls or network switches from a reputable dealer.
Use a VPN
Using a virtual private network, or VPN, is a great way to keep your internet activity away from prying eyes.
Educate your staff on cybersecurity best practices
A surprising percentage of cybercrime only requires someone opening an attachment in an email. Be sure your staff keeps strong passwords and never reveals their login credentials.
Invest in a cybersecurity audit
Cybersecurity audits allow organizations to evaluate the practices they have in place and make sure that they are being proactive with regard to their data security and compliance. Consider it a checkup for the health of your security!
Don’t keep old login credentials active
Even if an employee leaves the company on good terms, be sure to be proactive and change their login credentials to prevent them from continuing to access data that they are no longer authorized for.
Sources
- How To Make $1 Million From Hacking: Meet Six Hacker Millionaires
- What is hacktivism?
- 134 Cybersecurity Statistics and Trends for 2021
- The motivations of a hacker
- More than 290 enterprises hit by 6 ransomware groups in 2021
- Colonial Pipeline cyber attack
- A simple explanation of how the SolarWinds hack happened and why it’s such a big deal
- A Hacker Tried to Poison a Florida City’s Water Supply, Officials Say
- Hackers behind JBS ransomware have new extortion tactic
- SolarWinds: How Russian spies hacked the justice, state, treasury, energy and commerce departments
- Why every small business should care about cyberattacks, in 5 charts