4 min read

Why do hackers hack?

Everyone has an idea of what hackers do. Popular culture is full of images of hooded figures hunched over a monitor, illuminated by falling lines of green code. 

But people are less clear about why hackers do what they do. 

Hackers are a complex multifaceted group, and their motivations can range from purely financial to overtly political. Sometimes, their hacking is not personal at all and may be connected to a nation state, ideological group, or cybercrime syndicate. Because of the endless reasons that prompt hackers to hack, it’s not surprising that about 111 million Americans and more than half of Canadians are victims of hacking every year. And during the past year, 64% of organizations across the globe have experienced at least one cyberattack.

It’s good to take a deeper dive into a hacker’s mindset. In the Art of War, Sun Tzu said, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”

It is vital that we understand not only what hackers do and how they do it but also what drives them. With a little more information, we can be more prepared to defend ourselves and our data online. 

In this post, we focus on malicious hackers—setting aside white hat hackers (who hack for beneficial purposes such as discovering vulnerabilities for an organization) and curiosity seekers (those who hack for the challenge and thrill but don’t seek to steal money or information).

With this in mind, here are the main reasons why malicious hackers hack.

1. Financial Gain
2. Espionage
3. Device Control
4. Hacktivism

1. Financial Gain

The most obvious and common motivations for hacking are to acquire money, gain a competitive advantage, or disrupt an organization. Verizon’s 2023 Data Breach Investigations Report shows that 97% of threat actors are financially motivated.

Hackers may hack into financial accounts to siphon off money or take over accounts, often using social engineering tactics (such as tricking an employee to give up information over the phone) combined with technical hacking. Stealing sensitive financial information, conducting fraudulent transactions, or demanding ransoms (such as with a ransomware attack) helps them achieve their goals.

Useful information such as user credentials, sensitive and confidential data, and personally identifiable information can also be sold on the dark web. Hackers acquire this information by phishing, deploying malware, or social engineering and sell it to criminals who use it to falsify credentials, breach bank accounts, carry out fraudulent purchases online, or access your environment to deploy ransomware.

2. Espionage

While much less common (only 3% of threat actors are motivated by espionage) and often spearheaded by nation states such as China, corporate espionage and intellectual property theft have become more widespread. Stealing sensitive or valuable information from other companies and organizations is big business. Most organizations rely on keeping their data confidential, whether it’s long-term strategies for growth, products in development, or new areas they intend to compete in.

3. Device Control

While connected to financial and espionage motivations, we want to call out device control as a unique hacking method. The world is full of internet-enabled devices, including computers and servers. Most businesses are run by and are reliant on these machines. Controlling these devices is another reason why hackers may attack you—and their reasons, while still often focused on financial and personal gain, are somewhat different than a cyberattack that directly extracts information.

Botnets: Some hackers aim to infect and control a large number of devices to create botnets, which can be used to carry out coordinated attacks such as Distributed Denial of Service (DDoS) attacks that disrupt websites or networks.
Data Mining: Hackers may install malware on devices to conduct fraudulent activities such as cryptocurrency mining or click fraud.
Surveillance and Spying: Some hackers aim to gain control of internet-connected cameras, microphones, and Internet of Things (IoT) devices for spying and surveillance purposes. This can be used for voyeurism, harassment, or corporate espionage.
Destruction or Disruption: By controlling devices, hackers with malicious intent may seek to cause damage or disrupt operations. This could involve disrupting critical infrastructure, disabling systems, or sabotaging organizations.

A common technique is to install a backdoor on devices to maintain persistent access for future attacks or unauthorized activities.

4. Hacktivism

Not all hacking is done with purely malicious or greedy motivations in mind. One example of this (slightly more) ethical hacking is commonly known as “hacktivism,” defined as when an individual or group breaches a network to make a point or carry out a political, social, or religious agenda. While highly publicized when such attacks happen, hacktivism directed at a smaller business, municipality, or other organization is rare.

---

Is Your Organization Protected from Hackers?

To find out more about cybersecurity and how you can protect your organization from malicious actors online, get in touch with VC3. Our cybersecurity experts can provide guidance and advice, as well as a range of services to protect your data now and in the future!