Why Hackers Attack – The Motives Behind Attackers

Published Jan 14, 2020

kiuwan teamWRITTEN BY THE KIUWAN TEAM
Experienced developers, cyber-security experts, ALM consultants, DevOps gurus and some other dangerous species.

Hacking has been going on for decades, so it is unsurprising that with a society as technological as ours, more and more companies and private people are experiencing attacks. Hacking is the primary way in which attackers try to gain access and damage software or a web application. But what is the reason behind it? What are the motives that bring programmers to hack?

Hacking in itself is not inherently bad. This word defines a special type of programming dedicated to finding vulnerabilities in software or hardware, and to bypassing security measures on devices or networks. If the hacker is not compromising a system without the owner’s permission, his job is not illegal. 

Before you try to protect yourself from hackers, you need to understand what their thought process may be behind their attack. If you understand the threat, you can learn what and how you need to safeguard yourself. 

Let’s first have a look at what type of hackers there are and then we’ll see what their motives behind their actions may be. 

a hacker is sitting behind a computer

The Different Types of Hackers

Generally, there are three types of hackers, usually recognized by the “color of the hat” they wear: white hat hackers, gray hat hackers, and black hat hackers. This metaphor comes from Western movies, where the good cowboys usually wore white hats and the bad guys black ones. 

White hat hackers may be hired directly from companies to try to find vulnerabilities in their software before malicious hackers find them. They have the permissions to use their skills against the company that hired them and usually keep their discoveries secret within the company. They can be security specialists or “reformed” black hat hackers. 

Gray hat hackers are somewhere in between “good and bad”. They may attack systems without permission from their owners and find vulnerabilities, then share these finds with the public to raise awareness of their existence (making sure they get fixed before malicious attackers discover them). On the other hand, however, – and this is where the gray area comes in – they may also ask companies for money to repair these vulnerabilities. If the companies do not want to pay, gray hat hackers might decide in revenge to share these vulnerabilities publicly for other hackers to take advantage of. 

Script kiddies (or skiddies) may also be somewhere between gray and black hat. These are usually students or unskilled programmers who try to break applications or systems to show off or challenge themselves for fun. However, if they use their basic scripting skills in combination with social engineering to take advantage of others, they are more like black hat hackers. 

Black hat hackers are those hackers who attack software or systems with malicious intent. There are many reasons why these types of hackers act in this way, let’s see them more in-depth in the next section.  

The motives behind black hat hackers

According to research done by Hackmageddon, here are the most widespread motivations behind hacking: 

  1. Cybercrime
  2. Cyberespionage
  3. Hacktivism (revenge)
  4. Cyberwarfare and cyberterrorism

Cybercrime

Cybercrime is the most widespread type of cyberattack and the main motivator behind it is financial gain or power. These types of attacks or security breaches can cost hundreds of millions of dollars to companies and are growing steadily

There are different ways in which cybercriminals may act to gain money from targeted corporations: 

If a skilled hacker gains access to a system, there is virtually nothing you can do to remove him from it, other than by complying with his wishes or destroying the system. 

Financial fraud is also a type of cybercrime, but this is not done directly by hackers. Here facts are misrepresented dishonestly in order to refrain from doing something that causes financial loss (i.e. tax evasion). This can be done via altering data, destroying, suppressing or stealing output to conceal transactions. 

Cyberespionage

Espionage is used to gain intelligence on competitor’s work with the goal of gaining an unfair advantage. This can affect not only companies or businesses but also nation-states. 

Gaining information on plans and blueprints can be very valuable to competitors since they can use this information to create better, competitive products. Attackers could also share publicly negative aspects of a competitor’s product in order to damage their reputation and subsequently their sales. 

Gone are the days when corporations would keep this type of information under lock and key in a cupboard or a safe. Nowadays all this data is in digital format. If they are stored with weak encryption or can be accessed through a weak authentication mechanism, hackers can easily exploit this to gain access. 

Hacktivism

It is debatable whether hacktivism is good or bad, it depends on which side you are looking from. The motivation behind activist hackers is usually to damage or stop somebody or something that, in their opinion, is doing something bad, or that may have wronged them (revenge). This type of hacking has consequently an aspect of activism in it. Used to make a political or social point, it has a long history, even changing the course of it.  

According to the latest statistics, publicly disclosed hacktivism attacks have been in sharp decline, going down by 95% since 2015. One of the most known hacktivist groups is Anonymous, which made up 45% of all attacks in the past 4 years. Other groups include Lizard Squad, Syrian Electronic Club and CCC. 

Some examples of hacktivism include Doxing (sharing damaging, private documents with the public), DDoS, Data Breaches and Vandalizing of Online Properties (including social media). 

Cyberwarfare and Cyberterrorism

Cyberwarfare attacks are usually done at a national level and are sponsored by nations. Instead of waging war with guns and tanks, attacks take place in cyberspace.

Russia and the U.S. have active cyberwarfare programs, and other countries like China, the U.K. and Iran are thought to have them too. This type of warfare can take different forms: from the “tamest” kind (i.e. meddling with elections) to the downright dangerous (i.e. sabotaging test-launching of missiles or trying to trigger explosions in petrochemical plants). 

If an international war should break out, there is no reason why cyberwarfare would not be used as the greatest new weapon, just like nuclear bombs in WW2. 

Cyberterrorism is a branch of cyberwarfare, and what differentiates it is that you do not know where attacks came from and when they might happen again. Cyberterrorism may be done for financial reasons, but could also overlap in some ways with Hacktivism if the motivations behind it are religious or political. Up until now, there haven’t been any openly reported cases of cyberterrorism. Incidents that have happened up to this point were more akin to Hacktivism, as with the defacing of the US Federal Depository Library Program website in January 2020.


Now that you have learned the motives why hackers may attack you, you can review your security plan and see if you are protecting yourself in the right way. 

A secure codebase is the first step to securing your system or applications from malicious hackers. Leaving open vulnerabilities in your source code makes it easy for somebody to attack you, causing financial loss and more. 

Kiuwan is here to help you secure your applications. Request a demo today and learn more about SAST and SCA with Kiuwan and move towards a more secure future. 

Banner for Kiuwan Demo request