Why do hackers hack? It’s not just for the bounty

When we think about the cyberattacks taking place minute by minute, day by day, we may assume financial motivations are key — but that's not always the case.
1 October 2020
  • 68% of hackers initiate cyberattacks with the sole purpose of being challenged
  • Websites are the most popular platform for hackers at 71%
  • The explosion in new technology amid the global pandemic has created a more level playing field for hackers with emerging techniques

When we think about the cyberattacks taking place minute by minute, day by day, we may assume financial motivations are key. And that may be true to a certain extent. Sensitive data can be worth a lot on the black market, not to mention the hundreds of thousands if not multimillions that can be ransomed. But new research suggests that many hackers are in it for the thrill first, and the bounty second.

According to a new survey acquired by Finbold, 68% of hackers initiate cyberattacks with the sole purpose of being challenged, with websites being the most popular hacking platform at 71%. Monetary gain accounted for the second-highest reason for hacking at 53% while learning new tips and techniques accounted for 51%.

Elsewhere, around 49% of hackers launched cyberattacks just to ‘have fun’ while 44% of hackers conduct cyberattacks to advance their careers, with a further 8% just to show off.

The survey involved more than 3,150 respondents from over 120 countries and territories, with individuals taking part in the survey also reporting one or more valid security vulnerabilities on HackerOne — a hacker-powered security testing and bug bounty platform.

In a review of some of the more popular hacking platforms where websites accounted for the majority at 71%, application programming interfaces (APIs) accounted for 7%, quickly followed by Android mobile at 4%.

The hackers involved in the survey also reported that 30% had been hacking for between one to two years — while on the other hand — 20% of hackers had been hacking for three to five years. Most notably, however, a mere 5% of hackers had been hacking for more than 15 years.

Emerging trends

Amid the global COVID-19 pandemic, hacking has become a major talking point at the center of the cybersecurity debate. Despite hacking techniques largely remaining the same, new trends are beginning to emerge. Current popular trends include phishing and social engineering, malware injection, missing security patches, cracking passwords, and distributed denial of service (DDoS).

With an explosion in new technology amid the ongoing pandemic, the playing field for many hackers has leveled with the emergence of more innovative techniques.

The highly contentious 5G network, for example, presents quicker speeds while simultaneously carrying a whole host of vulnerabilities ideal for DDoS attacks. Artificial intelligence (AI) has reportedly also been used by hackers to outsmart existing cybersecurity systems. AI can be utilized to find weak points to trick targets into handing over sensitive information.

For the most part, hacking is usually done unethically to harm organizations. More recently, however, attention to ethical hacking has risen. Ethical hackers are hired professionally to present a system’s maturity scorecard to highlight an organization’s overall risk and vulnerabilities.

The demand for added investment and man-power in cybersecurity has been well-documented, and with more organizations looking inwards for their security needs through internal training and tailored training programs, the demand for security skills as hackers are becoming more relevant.

With great technology, comes great responsibility, and with trends in cyberattacks expected to continue to rise, companies and organizations must be properly prepared against them – whatever their motivations.