Why do Hackers Hack? Part 1
I think that in order to understand why,
you need to think about your value to a Hacker
and how they can gain from you.
Welsh Journalist & Film Maker
I felt very strongly about the Ashley Madison thing. Of the 39 million people who signed up for Ashley Madison, only a tiny percentage of them actually had an affair. And I’d go a step further and say even if they did, it’s none of our business, frankly.
“60 % of small companies go out of business within six months of a cyber attack.”
Over the last few months we have increasingly been called to look at websites that have been hacked, compromised, taken over or however you wish to describe it. First of all these are not sites that we have developed or maintain – hopefully that keeps our reputation intact. Every time we talk to clients and potential clients about website security and hacking, the same question comes up – “Why do Hackers hack websites?”
I think that in order to understand why, you need to think about your value to a Hacker and how they can gain from you. This usually, but not exclusively, depends on how big you are or how much data you hold.
In a nutshell corporate breaches tend to revolve around theft, leaking, disruption, money, activism, idealism or political motives.
Theft and Data Leaks
Theft and leaking often go hand in hand, kind of like large scale blackmail but your private information and possibly reputation is in the hands of someone else’s hands. Let’s have a quick look at the Ashley Madison hack of 2015. Wired ran a more in-depth article on what went on but in summary it was something like this…..
Ashley Madison describe themselves as “The most famous name in infidelity and married dating”. Now this article is not about judging people who are involved in such activities, however I think that it is safe to say that discretion is a key thing for the people involved. The hackers in question managed to gain access to the customer database and stole 9.7 Gb of data, which included account details and logins from 32 million users. The hackers demanded that Ashley Madison site be closed down or they would publish the data online. Which they did a couple of weeks later.
Coverage of the incident on Wired.com says “The hackers appeared to target AshleyMadison and EstablishedMen over the questionable morals they condoned and encouraged, but they also took issue with what they considered ALM’s fraudulent business practices. Despite promising customers to delete their user data from the site for a $19 fee, the company actually retained the data on ALM’s servers, the hackers claimed. “Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers wrote. “Too bad for ALM, you promised secrecy but didn’t deliver.”
I’ll leave you to ponder the rights and wrongs of this, but it does demonstrate the reasons for hacking and in this case it ticks the Steal, Leak and Activist boxes.
Hackers love to take things down, no we are not back on the Ashley Madison case again, but if they can make something crash and stop it functioning properly they just love it. This technic can also be used to request a ransom payment. Imagine Amazon not being able to trade for even a few hours. Let’s put that in perspective a little more; last year (2018) Amazon was reported to have made a nett profit of $10.1 billion dollars. That equates to $7,385 per second.
The interesting thing about disruption of service attacks is that it could be you that is doing it!! Attacks take many forms but one, the Distributed Denial of Service Attack (DDoS), gets you to help. It uses infected/compromised PC’s and servers to fire data, on cue, at a specific target. That could be millions of machines pointed at a single point. So if you don’t want to be part of this hacking party make sure that your Desktop, Laptop, Phone, Tablet and Servers all have a suitable Anti Virus installed and are on the latest version of all their software and patches. If you have a website then make sure your developer keeps everything up to data and use a Web Application Firewall as well. Our WAF of choice is Wordfence. If that is a bit much to take onboard then drop me and email and I’ll help you along the way
Time is Sales & Sales is Money
This has got to be one of the main reasons for hacking a large website. More often than not the larger websites are eCommerce and sell products or services. As we all know from experience when you buy things you have to pay for them and online you need to hand over your credit card details. But it’s not just your credit card details you need to hand over but your detail about where the card it registered to. In fact you need to part with all the details that are needed for a successful transition – all the detail that somebody else would need to make a transaction on your behalf.
There is also enough data here for an effective identity theft. Obtaining such data is not for the hacker to use but is more likely to be sold on.
Ransomware is not a new thing and probably started as early as the last 80’s. The problem with a ransom is getting paid. Asking for payment into your bank account is probably not the brightest thing for a hacker to do, but with the advent of cryptocurrency this is now a much safer method to rip somebody off. Effectively the ransomware encrypts all your files and any others it can find. You than have to pay a chunk of cash to get them back.
I’ve seen for myself when a virus or malware hits a large organisation and the devastation is instantaneous.
While websites are not often targeted for ransomware payments a great many personal computers and servers are. We have seen only recently how the NHS was effected. Further afield the city of Baltimore in the US was held ransom. This attack effected numerous systems across the city including phone systems and even the ability for people to complete on their house sales. And while many systems were not effected, they were turned off as a precaution to stop them becoming infected. In this instance the ransom was $70,000 which the Mayor refused to pay. The cost of the recover, mainly due to lack of proper backups, is alleged to have come in at $16m.
Hacktivism, Idealism, Political Motives
These are the guys with a specific purpose in life. They are idealists and out to expose injustice or they may have political motives. One high profile group that fits in this category is Anonymous which has a attacked governments and establishments across the globe since their inception in 2003.
From a small business point of view these are the least likely to be turning their attention toward you as they tend to be very focused. Although it does depend what you are up to.
That is probably enough for now, so in the next article we will look at how you fit into this story…….