One of the questions we keep getting frequently from businesses as well as others is why do hackers hack? What do they get from doing damage? Is it just about money? Or ego?
Well, there are numerous reasons why hackers hack a website or an app or even servers. And this is nothing new. In the early days of the internet, hackers hacked websites or took down services just to show they could break a system. So, you could say it was more about their ego or showing off or sometimes just to make a point that something can be broken. These days, it's way more complicated and so are the intentions behind such activities.
Before deep-diving into the reasons which motivate hackers to hack, let us know more about the 3 common categories of hackers and some of the common hacking techniques they use.
What are the 3 Categories of Hackers?
Generally, hackers are classified into three categories based on their motives behind hacking:
1. Black Hat Hackers:
Black hat hackers are notoriously known to infiltrate into networks and systems by creating and spreading malware. Basically, they are the ‘bad hackers’. They are generally motivated by monetary gains but on many occasions, they just do it for fun also. From amateurs to expert cybercriminals, anyone can be a black hat hacker as long as they are hacking with the motive of spreading malware and stealing personal data.
2. White Hat Hackers:
Not all hackers are bad, some are white hat hackers also. Commonly known as ‘ethical hackers’, white hat hackers are often contracted by businesses and government agencies to check for security vulnerabilities. They implement commonly known cybersecurity techniques like penetration testing and thorough vulnerability assessments to ensure that the security systems are in place.
3. Grey Hat Hackers:
These hackers have characteristics from both black and white hat hackers, but they generally carry out their hacking missions without seeking permissions from anyone. Mostly they do report the vulnerabilities found to the concerned parties, but they also demand compensations in return. If not rewarded properly, they might exploit the vulnerabilities as well.
Why Do Hackers Hack?
1. Steal/Leak Information
I am sure you guessed this. One of the most common reasons for hackers to hack is to steal or leak information. This could be data and information about your customers, your internal employees or even private data specific to your business. These are cases where hackers typically go after big targets in order to get the most attention.
Some of the biggest examples are the Ashley Madison hack or the Starbucks app hack. In the Ashley Madison hack, hackers were able to break into the customer database and get access to all the information including many private pictures of popular celebrities. This incident was a big shakeup in the Internet world which also affected private lives of many people.
A lot of times, hackers also steal information in order to assume your personal identity and then use it for something else like transferring money, taking a loan, etc. Such incidents have increased after Internet banking and mobile banking have started to become more popular. With the growth of smartphones and mobile devices, the potential for monetary gain through hacking has also increased.
Many big businesses have fallen prey to this - Sony, Target, Yahoo, Equifax, eBay, HomeDepot, Adobe, to just name a few. Even though there has been a lot of media attention about all the above companies being hacked, most businesses still believe this won't happen to them. By not being proactive about security, you are only putting your data at risk.
2. Disrupt Services
Hackers just love to take something down. And then also leave a statement on the website - more on that later. But hackers have successfully taken down many services by creating bots that overwhelm a server with traffic, thus, leading to a crash. It is known as a DoS (Denial of Service) attack and can put a company’s website out of service for a while. These days, there's also DDoS or Distributed Denial of Service attacks which use multiple infected systems to take down a single major system leading to a denial of service.
There are other ways also, like infecting a large network with malicious software inserted onto one computer either through email or otherwise which leads to a chain reaction affecting the whole network.
Server disruption attacks usually have their own personal motive. Mainly, it is to render a service or website useless. Sometimes it can also be to make a point.
3. Make a Point
The hackers who fall into this category are very interesting. They don't care about money or data. They seem to feel that they have a higher purpose in life. They want to steal information or disrupt your network in order to make a point.
Again, going back to the Ashley Madison hack, the hackers had access to account details of 32 million users but before they made this public, the hackers left a message on the website to inform everyone on what they are done. They also mentioned what they thought about the website and why they thought a service like this was immoral. Here's a screenshot of the message left on the website by the hackers:
This is what everyone usually fears about. We've seen many businesses reach out to us at the stage when they have already been hacked and a hacker is demanding money. Hackers not only hack businesses and ask for ransom but they also try hacking into regular user accounts and try to take advantage of things like online banking, online retail, etc. where financial transactions are involved.
Last year also saw the biggest ransomware attack called WannaCry where millions of computers around the world were hacked and users had to pay a ransom to get back access to their computers.
5. Driven by Purpose - Hacktivism, Idealism, Political Motives
Many hackers are also drive by a specific purpose. Sometimes, this comes out only when they get caught. Some of them aim to be idealists and take it upon themselves to expose injustice, some have political motives, some simple target the government, and so on. A major example is a hacktivist group called Anonymous who have been popular around the world for challenging and taking down many governments. These hackers can target religious groups, governments, movements, to promote a particular agenda.
Another example of a politically driven agenda was when France was having an election last year. In fact, at the beginning of May, we all got to know that Emmanuel Macron, President-elect for France, had his presidential campaign emails leaked following a hack. Giving the timing of the hack, many speculate that it was done with a purpose – to sway the votes.
And so are the speculations about the US presidential elections when Donald Trump became President.
What are the Most Common Hacks?
When it comes to hacking techniques, the list is surprisingly long. However, we will only talk about some of the most commonly employed techniques by threat actors:
Phishing is a commonly known hacking technique where a hacker creates a replica of some web page in order to steal money or personal information of users.
2. UI Redress
Similar to Phishing, UI redress is a hacking method where a hacker creates a fake or hidden user interface with some inappropriate content.
3. Denial of Service (DoS\DDoS)
One of the most common types of attacks, DoS or DDoS (Distributed Denial of Service) is employed to disable or crash a server. Hackers generally do this by sending tonnes of server requests via bots.
4. DNS Spoofing
DNS spoofing or DNS cache poisoning is used by hackers to infect DNS servers and redirect internet traffic to a similar but fraudulent website.
5. SQL Injection
Using this technique, hackers place malicious code in SQL statements and are able to access and control sensitive databases.
6. Brute force
Considered as one of the simplest methods gain access, brute force is a hacking technique where a hacker tries numerous combinations of usernames and passwords until he is able to get into the target system.
7. Man in the Middle Attack
In this attack, a hacker positions himself in the middle of a conversation happening between a user and an application. Mostly, the motive is to gain sensitive user or business information.
What Can You Do To Be Safe
Businesses often tend to give it away rather easily because they think they will not be hacked. Some of them also have a reactive nature where they'd only do something once a situation arises. The fact is that hacks happen all the time. They've been happening for years and they've only increased with time. It happens to business and users, all shapes and sizes.
One of the best things you can do as a business is to proactively test the security of all your interaction entities - websites, mobile apps, networks, etc. by performing penetration tests either through service providers or using an automated security testing tool like Appknox. Run these tests on a regular basis and make sure your systems are up to date. Additionally, always keep an action plan ready on what to do if a breach happens. It's always better to be safe than be sorry.