Hacking has been around for a long time, so it should come as no surprise that in our technologically advanced society, more and more businesses and individuals are being targeted. Experts believe that we’ll have over 75 billion devices connected to the internet by the year 2025. There’s no way to make sure a device is 100% secure once you connect it to the internet. With so many vulnerable devices, you’re probably starting to see why this is such a lucrative “career choice.”
But hacking is a high-stakes game. Most countries have strong security legislation and cybersecurity departments that work with local law enforcement to catch hackers.
Apart from having technical expertise, to be a good hacker, one must know how to monetize their skills without being caught. One also needs to stay motivated.
We all have at least a general idea of what hackers do. The moment you hear the word “hacker,” you probably get an image of a hooded figure hunched over a keyboard, typing away in front of a monitor with lots of code. That’s because pop culture is full of these images.
But have you ever wondered why hackers hack? Why would a skilled individual with extensive knowledge of information technology and financial systems get involved in something so risky? Let’s explore…
We’ll start with money. It might seem so obvious that you’re a little disappointed, but it’s true: most hackers do it for financial gain. The average hacker “earns” a CEO-level income, and in terms of risk, we also need to keep in mind that only a small percentage of them get caught. So yes, money is a big motivator. In fact, according to Verizon’s 2020 Data Breach Investigations Report, 86% of the data breaches they investigated were motivated by financial gain.
Hackers who make money at the expense of others by engaging in unlawful behavior are referred to as black hat hackers. However, there are also legitimate ways for hackers to make money. When they opt for those, they’re referred to as ethical hackers or white hat hackers.
Here are some of the most common strategies black hat hackers use to make money…
Misuse of Information
In order to obtain financial or personal information, hackers use a variety of methods, including malware, phishing campaigns, and brute-force attacks. They can then use the information to commit financial fraud, such as moving funds to various accounts they have access to or making fraudulent purchases.
They can use the information they steal to:
- Get a loan in someone else’s name;
- Open bank accounts or get credit cards in someone else’s name and get money this way;
- Obtain state or federal benefits like unemployment in someone else’s name;
- Create social media accounts, phishing emails, or messages that they use to scam other targets;
- Create fake documents like a fake passport that they can sell.
Many hackers simply sell the information they steal on the dark web, where others can buy it and use it for illegal activities like financial fraud.
Blackmailing victims is another very effective way for hackers to make money. They first steal information or documents. If the victim doesn’t want them released publicly, they need to pay a fee.
Another approach is to encrypt the information or lock the users out of their own devices and ask them for money in exchange for regaining access. They rely on malware for these strategies.
Hackers sometimes infiltrate the databases of businesses or government agencies to obtain access to sensitive information because they can get more money from a single target this way.
Some hackers make their money by creating or perfecting the malware that other hackers use. This can mean viruses, worms, rootkits, scareware, trojans, ransomware, etc.
Phishing is by far the most popular and effective strategy. It consists of getting information or money from people by contacting them via emails or messages while pretending to be someone else – either a person the target trusts or a representative of a company.
Some hackers work for various governments throughout the world. They’re hired to conduct political espionage on behalf of that country. They get assigned tasks such as:
- Stealing information like research, military secrets, or confidential information on specific individuals;
- Electoral interference;
- Economical interference;
- Interference in diplomatic relations and treaties.
The governments that hire these hackers will often reveal the information they obtain to the public with the goal of inciting political unrest in the country they’re targeting.
Hackers also hack or launch cyberattacks, such as distributed denial of service (DDoS) attacks, against the government websites and servers of a competing country in order to cause functional or operational disturbances. These are also referred to as state-sponsored cyberattacks.
Hackers can also get hired by companies to steal information from their competitors. This information usually consists of trade secrets, financial and marketing plans, pricing, confidential product details and technical schematics, or key suppliers, vendors and customers.
They’re essentially tasked with finding vulnerabilities in databases and launching attacks like brute force attacks, DDoS attacks, SQL injections, or cross-site scripting.
Sometimes the goal isn’t necessarily to steal data. A DDoS attack can overload the target company’s servers, making them lose customers. Another way to make rival companies lose customers is to steal and leak sensitive customer information since this undermines trust and negatively affects brand image and reputation.
Some hackers are motivated by political, religious, or philosophical views. They might disclose confidential government information because they disagree with decisions made by politicians in their country or in another country. Some launch attacks against companies if those companies are doing something that goes against their values.
For example, a hacktivist group wanted the Ashley Madison platform to shut down, so they stole and disclosed 60 gigabytes worth of personal information on its 32 million members.
Another example happened just recently, in January 2020, when Iranian hackers targeted the United States Federal Depository Library Program’s website, displaying an image of President Donald Trump over a map of the Middle East. They did this to express their outrage over the death of Iran’s late major general, Qassim Soleimani.