Cybercrime is increasing at a staggering rate. The number of attacks worldwide each year is well into the trillions. In the UK alone, a small business is successfully hacked every 19 seconds.
According to one report, 2018 reportedly saw a 350% increase in ransomware attacks, a 250% increase in spoofing or business email compromise and a 70% increase in spear-phishing attacks in companies overall.
Meanwhile, damages caused by cybercrime hit around US$ $3 trillion in 2015. That figure is expected to double by 2021. Cybercrime will be more profitable than the combined illegal drug trade by then.
Already, cybercrime profits are estimated at US$1.5 trillion—more than the GDPs of Saudi Arabia and Turkey combined.
Yikes.
So, is it just about the money? Or are there other factors at play here? Let’s examine the cyber criminal’s mind and motivations.
Money
Money is the largest motivator for cyber criminals. Statistics on this are hard to come by. Still, a 2016 report from Palo Alto Networks and the Ponemon Institute suggests that 67% of UK hackers do it primarily for the money.
Remember...
There are quite a few different ways to earn money as a hacker. For example, you can steal money directly from an account, encourage people to send you money using false information, ransom/bribery, or sell stolen information.
This affects how the attack might take place, but the why remains the same. And that’s a good thing. Someone just doing it for the money will want the best return on time spent, while those with other motivations may not.
The Chair of the Ponemon Institute says:
"By adopting next-generation security technologies and a breach prevention philosophy, organisations can lower the return on investment an adversary can expect from a cyber-attack by such a degree that they abandon the attack before it’s completed.”
Given the number of ways a cyber mercenary could earn their money, it isn’t easy to single out specific targets. Small businesses are big, but individual users are also at risk. Common attack types include:
- Phishing/spear-phishing/spoofing – making victims behave in a way that suits the attacker’s purpose
- Spyware – stealing data by spying on a user’s computer
- Ransomware – blocking access and demanding payment to return files
To avoid being a victim of such attacks, the best thing to do is to strengthen your security systems and processes so that you become one of those hard targets that attackers just can’t be bothered to pursue.
Ego
An entirely emotional motivation, ego attacks are hard to talk about generically. Often mixed with a desire for revenge, the motivation could be something overt – rejection by the object of their affection or perhaps a former employer, or slightly foggier, such as attacking a business the attacker feels has ‘done them wrong’.
Also in this category would be those hackers driven by the challenge of wanting to ‘outsmart’ a business’s security measures or, in layman’s terms, ‘stick it to the man’.
This Is Quite a Spectrum to Deal With
Those who do it for the challenge may be quite highly skilled. Those out for revenge may copy or buy malicious code and watch YouTube tutorials to carry out their attacks. But these ‘amateur’ attacks can still cause much damage if you’re unaware.
If it’s a personal attack, there’s a good chance the attacker will have more physical interaction with their victims – they may employ phishing and spoofing techniques to implement the attack.
In any instance where ego is the driving motivator, attackers will often want someone – either the victim or peers in the hacking community – to know that the attack has taken place. This could help security professionals identify the attacker.
Politics
Having witnessed the uproar over leaked emails and voter registration DDoS attacks, we all know the power that cybercrime can wield over politics. State-sponsored hackers will be motivated largely by nationalism (with a side of financial incentive). Typical targets include public administration, defence, energy, and utilities, as well as gaining information or intellectual property or disrupting or damaging operations.
A successful phishing attack enabled the DNC email leaks. Botnets have been blamed for the DDoS attack on the EU referendum registration site. But largely, the mode of operation could be described as ‘by any means necessary’.
Ideology
Hacktivists and cyber terrorists fall into this category. In essence, the motivation here is that the hacker strongly disagrees with the target’s activities. This breed of attack can vary from cyber defacement to full-scale attacks, such as the Ashley Madison leaks in 2015 or #OpSudan earlier this year, which may have played a role in the ousting of Sudanese dictator Omar al-Bashir.
Hacktivists tend to band together in geographically dispersed groups, united behind a common goal. Often, these are short-term targets, known as Operations. In its early years, hacktivism could be quite effective. Still, as security measures have improved, the effectiveness of these attacks has diminished, leading hacktivists to target ‘low-hanging fruit’ where they can make more of an impact.
How It Helps
Understanding attackers’ motivations helps us create a profile of who these hackers might be and what they are targeting. If you can look objectively at your business and identify where threats might come from, do you have valuable data that could be stolen? Are your activities controversial? – You can predict which hacker persona might target your organisation and tailor your security measures accordingly.