What Drives Hackers? (Part 1)
What are the payoffs for hackers to join the game and what are their favorite tools?
2016 was a year of major breaches. The list of target companies and organizations is long, including the IRS, US Dept. of Justice, LinkedIn, Twitter, Dropbox, Yahoo, Adult FriendFinder, Zoosk, Cisco, and the biggest breach in history – Yahoo with its one billion user accounts. A year where Internet security was tested again and again. So, what motivates hackers to continue to penetrate our defenses and why is the industry failing to cope? In this two-part blog, we’ll explore some of these motivations.
Some well-known hacker groups openly discuss what their targets and reasons are, and others do not. In cases like the Sony hack which was geopolitical revenge for a movie that disparaged North Korea, it is easy to link a motive to the outcome. In many cases, however, it’s not so easy to draw a straight line between the reason for the attack and the consequences. In many instances, the overarching rationale may or may not align with what personally drives hackers to do these acts. But let’s look at a few common motives.
Low barrier to entry, few prosecutions, and demonstrable results
One of the largest motivations is that hacking works. There is often little skill required and minimal cost involved, with practical results and very few consequences. With low-cost DIY kits available online, it becomes quite easy for hackers to get up and running quickly. Prosecutions are extremely rare because, among other reasons, it is tough for law enforcement to pursue crime that originates from another country as these cases often do.
Everyone must eke out a living. It’s a sad fact in our world that if it can be commoditized, it likely will be! As with all economic criminals, these hackers think of the world as a goldmine. Also, known as “black hat hackers” or “crackers,” these hackers do think of it as a job and go to work just like the rest of us – with money as their motivation.
Malicious software, called ransomware, is a favorite tool of hackers used to extort money from individuals and companies. It is easy to purchase ransomware kits online using cryptocurrencies that require minuscule skill to deploy. Malware attacks can be incredibly destructive to the target, and highly lucrative for the attacker. For example, in February 2016, a Los Angeles hospital paid about $17,000 worth of bitcoins after a data breach. Since then, several medical institutions have been crippled by ransomware, forcing them to turn away patients.
Organized crime and Crime-as-a-service Organizations
Usually working from the comfort of obscurity, these criminals prefer to make their paycheck by working for less-than-desirable organizations, or in some cases, may not even be aware that what they are doing is illegal. Some of the schemes may be darkly ingenious. The New York Times recently shared a story of two young Indian whistleblowers who came forward. They had been part of a large call-center team that impersonated the IRS to defraud Americans, admitting that motive had been to make money.
For the organization, the object is mostly financial as well, and these groups are responsible for a significant percentage of financial fraud, malware, Trojans and other large-scale attack threats that exist today. These groups, sometimes called fraud rings, typically either make money directly from the attack, from the sale of the data, or from laundering money — either for themselves or third parties. Human farms fall into this category as well. Instead of a lone hacker or a machine that controls thousands of bots, a human farm is what it sounds like — teams of real people sitting down and doing all the things a person would do to bypass security controls that would otherwise detect machine-based automation.
Corporate espionage – take down the competition
These are groups of hacker mercenaries who rent themselves out to corporations to conduct corporate espionage, or to take down the competition. Financially motivated, these hackers are sometimes employed by companies to do penetration testing and ‘break’ their security.
To be continued next week (Part 2)…
Want to read more posts like this? See our full blog here.