30,000. That’s the estimated number of websites that get hacked every single day on our planet. And whether those 30,000 attacks are merely annoying occurrences perpetuated by some bored teenager or a coordinated effort by multiple hackers that cause widespread devastation, each instance in nonetheless significant in that it illustrates just how vulnerable our virtual world is despite massive gains in Internet security.
Perhaps one day we’ll live in a world where website hacks are a thing of the past, but for now they are all-too-real. And while online security professionals continue to better understand how these attacks occur, more and more laymen ask the simple question of why they occur. Why would someone spend valuable time building resources to cause inconvenience on a global scale? Why would someone want to damage a network? What’s the motivation behind attempting to bring down significant portions of the Web? Good questions all. And here are just a handful of recognizable motivations and drivers often cited by online security gurus.
No other motivator trumps simple economic gain. Hackers want to make money from your audience, and there are several ways they can do just that. One is with Drive-by-Downloads, which inject your website with malware in order to infect the computers of as many of your visitors as possible. By doing so they can hopscotch across those visitor’s websites and compound the effect of malware, which can ultimately give them banking and credit card information, access to e-tail accounts and much more.
Blackhat SEO spam campaigns are also based on economic gain. They work by directing visitors to your website to pages that ultimately generate “affiliate” revenue. By putting links (usually hidden) on your site and tricking users into clicking them, they eventually get those links into search engine results and are rewarded with money from your audience. Although not as dangerous as Drive-by-Downloads, they are still strong motivators for systematic hacking.
Imagine the power you could harness by stealing the bandwidth and server capabilities of a dozen computers? How about 100 computers? Or even thousands and thousands? The business of “farming” system resources is a huge motivator for (usually) large groups of hackers working in tandem. By leveraging Denial of Service or “brute force” attacks these hackers take control of multiple systems, often without the owners and administrators even realizing it. Then, once they have control, they can launch further attacks—once again based on economic gain or perhaps for other reasons—that can be seriously devastating now that they have more power and greater reach.
Making a Statement
In recent years an interesting word has entered our common lexicon: hacktivism. Simply put, someone launches an attack to make a point about something happening in the world that they see as wrong or a problem they believe they can fix if they make enough noise. Their agenda may be religious or political, or they may simply be bragging and showing off to fellow hackers and announcing “look what I did.”
Additionally, a case of hacktivism occurs for a much less malicious reason: the hacker simply wants to expose security holes and leaks in a particular computer, server, platform or piece of software so that said hole can be fixed. By calling attention to a problem in the biggest way possible, the hacker is in essence forcing the hand of the company or corporation and compelling them to get working on a solution immediately. Need an example? The big boys of operating systems—MicroSoft and Apple—often find their newest rollouts and updates are targets for hacktivists who have discovered ghosts in the machine and want to bring it to the attention of the world.
Nothing to Do
It’s sad to say, but many hackers aren’t motivated by money or prestige or power, and they don’t really care about making a statement to the world. Rather they’re just bored, and attempting to hack a website or multiple websites is a way to the pass the time. For people with this mentality, gratification can also come with achieving something: basically, they attempt a hack just to see if they can pull it off.