Hacking Motivations
The introduction briefly touched on some of the confusion surrounding why hackers do the things they do. Although motivations are extremely diverse, there are some that are quite easy to identify. It is worth mentioning that several years ago these motivational categories did not exist, and as the Internet continues to evolve, so too will the hacker. The following list looks at some of the common motivators for hacking:
• Human curiosity and fame: In the early days of the Internet, hackers wrote viruses to see whether they could (and did) crash thousands of Windows PCs and gain global TV news coverage. It was also believed at that time hackers did so because they were curious or otherwise interested in technology. Certainly there are still many hacks occurring because people are curious or want recognition; however, this desire is shifting to the youth of the world, who get a charge out of hacking the cheerleader’s Facebook account. There are newer and more lucrative motivations driving the true threats, which have evolved past the script kiddy hacker today.
• Anti-Establishment: Hackers motivated by this category typically feel that the rules and regulations they are surrounded by do not or should not apply to them. You often hear of hackers striking out against a government or perhaps an employer. Oftentimes people on the inside of the target organization conduct threats motivated in this manner. One of the most recent examples was the Iranian presidential election of 2009; opposition parties whose freedoms had been restricted moved to the Internet; however, the authorities aggressively responded. This forced activists to “get creative” with getting the word out online and to media outlets outside the country’s borders.
• Economic motivations: There is an old saying that money makes the world go round, and there is an even older saying that says money is the root of all evil. In yet another example of the changing motivations behind hackers, many groups and individuals hack for cash. Certainly the most commonly known financial gains are through stealing credit card numbers or a person’s identity. In the last several years, a new type of online hacker gang has emerged that is blackmailing businesses threatening to bring down their websites, thus impacting sales, if they do not pay money to ensure they are free from attacks for a year. Security organizations often report that financial reward is the largest reason why hackers keep coming back and upping their game.
• Hacktivism: When you have a problem, and the police cannot help and the laws are silent, you might want to call the A-Team, but that is a different book. We are seeing a trend of hackers using their online skills to impact the real world based on their belief systems, thus Hacktivism was born. There have been many examples of this sort of hacking motivation. Recently, the two most prevalent were when environmental researchers in England had their email server hacked. The resulting emails were shared far and wide, revealing some rather disturbing information that perhaps they altered climate change data to make it worse than it is. Another example is the recent denial-of-service attack against the World Trade Organization (WTO) website that coincided with street protests or the Wiki-Leak fans who targeted MasterCard. Although, it should be noted that one man’s activism is another man’s hate crime.
• Cyberwarfare: The newest and perhaps the most evolving motivation is Cyberwarfare. Simply put, this is using the Internet to conduct aggressive operations. One of the most recent attacks was when Chinese hackers (many suspect it was their government) tried to hack into Google, specifically Gmail users who were Chinese human rights activists. As expected, the Chinese government denied all involvement. Regardless, Cyberwarfare has come of age and is being used. Even earlier, in the Russian-Georgian war, there was a call to arms by Russia to its hackers who commenced to bring down the Georgian governmental website whose own hackers responded too. Although these are two of the most published examples, in security circles, what has been on page two is that many governments all over the globe are looking at making Cyberwarfare military units. The U.S. government sees Cyber as a newer domain to be treated equally like air, land, or water and to be protected just the same, keeping the nation’s critical assets secure.
This section briefly looked at some of the more common hacker motivations and how we are seeing each of them in the world today. The next section deals with target selection by hackers.