What Motivates Hackers? Is Money Always The Driving Force?
With ransomware attacks a frequent topic of news reports, most people understand that money is often a motivating factor. But, while that is a powerful motivator, it isn’t the only reason hackers take action.
Do you know the difference between black hat hackers, white hat hackers and grey hat hackers? Know about script kiddies? Did you know there is such a thing as ethical hackers?
As manager of information security and compliance at Kelser, I spend time studying cyber threats and the people who perpetrate them.
It’s important to understand that money is not the only motivation for hackers so you can be watching for a wide spectrum of threats.
In this article, I’ll explain different kinds of hackers and their motivations. After reading this article, you’ll have a full understanding of the kinds of threats your organization is up against and will be better able to prepare for and mitigate their impact.
What Is A Hacker?
Most people have an idea of what a hacker is, but just so we are all operating from the same understanding, here is a definition of a hacker that I found online from U.S. News & World Report:
"A computer hacker is a person with advanced computer technology skills who is adept at finding vulnerabilities in software and computer systems."
What Are The 3 Different Kinds Of Hackers?
In general, hackers can be classified in one of three categories:
1. Black Hat Hackers
These hackers fit the profile that most people associate with the word. These are people with bad intentions who try to gain access to information for personal gain.
2. White Hat Hackers
Often, companies will hire white hat hackers to alert them to vulnerabilities in their IT infrastructure.
These are people who perform a paid service, with permission, to enable companies to address cybersecurity weaknesses in their network. These are often thought of as beneficent hackers who are interested in helping make things more secure.
3. Grey Hat Hackers
These are people who hack into systems without the owner’s knowledge or permission.
They often report vulnerabilities to the owner (providing a service) along with an offer to fix the issue (for a fee). If the victimized organization doesn’t agree to pay the hacker to fix the issue, grey hat hackers often threaten to make the issue public, exposing the organization to the likelihood of a cybersecurity event.
What Motivates Hackers?
Hackers can be motivated by a number of factors. In many cases, they are motivated by some combination of the following:
Most people know about hackers who are motivated by money. These include the black hat and grey hat hackers that we’ve already discussed. Interested only in money, they don’t care about the impact of their actions on organizations.
Other hackers are motivated by the technical challenge.
They explore simply to find out what vulnerabilities exist and are only in it for the personal vindication that comes from figuring out a way into complex, secure infrastructures.
One example of these kinds of hackers is a script kiddie. These are immature hackers who try to access things just to see what they can find, often using random tools they may have found but don’t know how to use. They usually aren’t interested in wreaking havoc, but rather are in it for bragging rights.
Someone who is sympathetic to (and possibly from) a country that is not considered an ally of the U.S. ideology, may be motivated to access sensitive government or industry data and provide it to a foreign government as a way to damage one country and provide benefit to another.
Another person may seek employment with an organization with the hidden intent of damaging the organization’s reputation. This insider threat is an example of corporate espionage.
Some hackers want the fame associated with circumnavigating challenging security protocols. They may leave a calling card, similar to the jewel thief in the Pink Panther movies, defacing an organization’s website and sometimes even writing their name on the website to highlight their achievement.
Someone else may be motivated by positive ideology and a desire to make things better.
An example would be one of the white hat hackers we identified previously. Their interest is to make things more secure by identifying vulnerabilities and making them known so the owner can fix them and make things more secure.
What Are Some Of The Signs You Have Been Hacked?
There are different kinds of hacks and different things to look for. Some hackers just barge right in and don’t care who sees them. Others sit and monitor things waiting for the right moment to strike. Sometimes this can depend on the motivation and experience of the hacker.
Both kinds of hacks can wreak havoc on your infrastructure. And, frequently, it is difficult to know you’ve been hacked until an incident occurs. The best solution is to be proactive and keep things monitored, updated, and patched.
How Can You Protect Your Data?
There are many ways to keep your data safe but one of the most important is to be proactive. Here are some suggestions:
- Require strong passwords
- Implement multi-factor authentication
- Use the latest firewall technology
- Monitor your infrastructure for threats
- Install the latest patches and updates
- Backup your data
- Provide employee cybersecurity awareness training
What’s The Next Step In Your Journey To Thwart Hackers?
Now you have a full understanding of hackers and what motivates them. Whether it’s money, technical challenge, ideology, fame, positive change, or (more likely) a combination, hackers are a real threat, but one you can guard against with the right proactive measures.
You may have a full IT staff who can help you make the proactive changes you need to keep hackers at bay.
Or, if you are a SMB, you may need to augment your staff with an external IT provider.
At Kelser, we provide a full complement of managed services to keep customer infrastructures safe, available, and efficient. While we know that managed IT isn’t right for everyone, if you are looking for a provider, we may be the right fit for you.
Cost is a common concern. Read this article for details on cost: How Much Does Managed IT Cost? What’s Usually Included?
If you’re ready to learn more, take the quiz below to find out if managed IT is right for your organization.