Dec 23, 2019
The past ten years have been a busy time for hackers. A countless number of high-level security breaches have compromised billions of records. If you don’t know what we’re talking about, just watch our video on the Equifax Data Breach to see how just one mishap potentially affected 143 million people, leaving over 40% of the US population exposed.
But Equifax isn’t the only company targeted. Well-known companies such as Target, Marriott, Home Depot and eBay have fallen victim to data breaches in recent years, resulting in major financial loss and a hit to their reputations. But will all these devastating security breaches in the works, it makes us wonder — **Why do hackers do it?**
Of course, the reason someone decides to exploit an organization isn’t always in black and white. But usually, when it’s a high-level security breach, like Equifax, hackers are looking to gain fame. A sure sign that their main goal is to get their name out there is when they leave their alias at the scene of the crime, so people know this was their work. Letting people know that you were able to find your way through the protection of a well-known company is one way to be known as a “notorious hacker.” For instance, Ehud Tenenbaum, aka “The Analyzer” is an Israeli hacker known for being involved in a sophisticated computer-hacking scheme where he reportedly stole over $10 million from U.S. banks. It’s attacks like these that help hackers rise to fame.
Other than the fame, breaching a well-known company may be due to financial reasons. The potential for a large financial gain can be a huge motivator for hackers. You may be wondering, how much financial gain can there be when most companies don’t even hold credit card information? Here are four ways hackers can reap the financial benefits of a high-level data breach:
Believe it or not, some hackers are actually employed by the government or part of a private company hired by the government. In late 2015, hackers successfully disrupted the electricity supply of over 250,000 Ukrainians for 24 hours by compromising the information systems of three energy distribution companies. It’s known as the Ukraine Power Grid Cyberattack and considered the first successful cyberattack against power suppliers. The IP addresses of the attackers were traced back to the Russian Federation. This can also be considered a money motivator. In Russia, the unemployment rate is about 25% among college graduates and the monthly salary is about $700. But as a hacker, you can be making as much as $10,000 a month, making the job description quite appealing to anyone desperate to find work.
Breaches and exploits often take place simply because a hacker wanted to prove to him/herself (or others) that it can be done. Thankfully, some in the hacker community will report a breach once it’s detected and choose not to exploit it, but that’s not always the case.
Whether a hacker is trying to climb their way to the top or earn a large sum of money, the fact of the matter is that they aren’t slowing down their hunt. And keep in mind that cyber attacks are a matter of a return on investment -- simply put, hackers are looking to make as much money compared to the amount of time they put into a potential target. Therefore, hackers will be looking at achievable jobs, such as well-known vulnerabilities and then exploit yet-to-be-discovered vulnerabilities. It’s up to us to make sure we are protected the best way we can to avoid falling victim to these breaches by being aware of the vulnerabilities that hackers will be most attracted to. Programs that specialize in prioritizing vulnerabilities in real-time, such as Vicarius’ TOPIA, will be your solution to a secure organization.
Sealing the Patch GapDavid Asraf September 08, 2020
Predicting Vulnerabilities in Compiled CodeShani Dodge August 26, 2020
Vicarius and Etek NovaRed Announce PartnershipRoi Cohen August 13, 2020
Vicarius and SecureLatam Announce PartnershipRoi Cohen August 11, 2020
Vulnerability Rich - Contextually Blind!Michael Assraf August 06, 2020