Hacking is ranked as one of our modern world’s biggest risks. It threatens governments, businesses and individuals and costs the global economy up to $500 billion annually.
So what on earth motivates hackers to do what they do?
Like the rest of us, the reason many hackers get out of bed in the morning is money. But, with all sorts of people willing to pay for hackers’ services, the nature of the activities that any two hackers engage in can vary enormously.
â€œWhite Hatsâ€ as they’re fondly known in the business are legitimate, well-intentioned computer security experts who keep their organisation’s information systems secure. White Hats test the systems that they work on by breaking into them and then fixing the problems thereby uncovered, something known as â€œcreative destructionâ€ or â€œpenetration testing.â€ Often on the payroll of large-scale corporations or governments, White Hats are the socially acceptable side of hacking, the good guys.
Working to the maxim that nothing is completely secure, â€œBlack Hatsâ€ use their technological expertise for more malevolent ends. Breaking into networks and computers, creating viruses and malware, Black Hats are the online threats that we’ve become so accustomed to hearing about.
Though sometimes paid by a third party, such as sophisticated criminal organisations or some other clandestine group, they tend to make the largest amounts of money when working alone. Cyber-crime can be very lucrative, with many unscrupulous black-market movers and shakers ending up wealthy.
Other hackers are less interested in making money, instead using their skills for religious or political ends. â€œHacktivistsâ€, as this group’s become known, may wish to expose wrongdoing, exact revenge, stage protests, or merely disrupt the online activities of those to whom they’re ideologically opposed.
Groups of these so called Hacktivists, such as Anonymous, have become increasingly common in recent years. The level of threat that they actually pose is hotly disputed, with many doubting that such groups â€“ which often lack any real leadership or shared objectives â€“ are capable of any real damage. However, there’s no reason to think that if one of these groups were able to organise themselves in an efficient way, they couldn’t wreak havoc.
Similar in their apparent uninterest in making money are those whose primary motivation is gaining status within the hacking community. This type of hacker is likely to attempt to breach high-profile information networks in order to make a name for themselves. Hackers of this sort have breached many military, financial, and governmental information systems, as well as many other famous systems just to prove that they’re clever.
Though perhaps less dangerous than the Hacktivists by virtue of merely wishing to break into a system, rather than to overtly attack it, such status-driven hackers have been responsible for many of the most famous cyber-crimes, and they often cause collateral damage.
Interestingly, when the victim organisation can open up a dialogue with the hacker responsible, sometimes they’re able to garner tips on how to up their security, turning these egotist hackers into White Hats. Some financial services, though unlikely to openly admit the existence of such attacks, have at least hinted at upgrading their systems in this manner.
Spies for Hire
It is well known (though you would have a hard time proving it) that many governments employ hackers to further their intelligence and military objectives by breaking into the information systems of other countries. Though diplomatically contentious to say the least, there is little doubt that this sort of activity occurs; whether such hackers are classified as White Hats or Black Hats presumably depends upon their geographical location.
Similarly, major companies are also known to employ such spy hackers in order to gather rivals’ trade secrets and future strategies. And whilst, unlike their Governmental counterparts, the actions of such hackers are clearly illegal, such hacking can obviously yield extremely profitable results and may in fact be key to some organisations staying ahead of the competition.
Of course, the reality is that most hackers probably aren’t amenable to neat categorisation, and employ their talents to numerous different ends for a mixture of motives. After all, like all of us, hackers surely have an array of monetary, ideological, and personal interests. The difference is that they possess the technological know-how to act on their interests in a way that’s alien to the rest of us.
Take, for example, Gary McKinnon. By hacking into US military computer systems, he became both the subject of a ten year legal battle and one of the most famous hackers in the world. Why did he do it? He claims that his major motivation was to expose top-secret Government information pertaining to UFOs.
One could, then, label McKinnon as a type of Hacktivist, albeit certainly an unusual one. Yet he also left a message on the military’s website which read, â€œyour security is crapâ€ â€“ more like the actions of a status-motivated hacker. What’s more, as McKinnon worked a day job as a computer contractor, at least some portion of his activities where wholly White Hat.
Complicated as hackers’ motives might be, one thing is clear: their actions have a high cost. The average computer incident sets large companies back £120,000. Evidently, there’s big money to be made and lost in this hidden world. And with each generation becoming increasingly computer literate, the battle looks set to continue for a while yet.