Lock down – Why hackers are always at work?
While the whole planet is struggling with the current COVID-19 pandemic and life has come to a standstill because of lockdown being enforced in most parts of the work with most of the organizations, public offices, educational institutes, transportation systems etc. being closed, the hacking attempts are on the rise and the cyber-attacks have increased.
With a large number of people working from home networks which often lack the advanced security devices found within the corporate environment, it has increased the attack surface for the cyber criminals. Furthermore, lot of schools and educational institutions have stated to take online classes for the respective curriculums though multiple online meetings applications, and the screen time for students have increased multifold. While there have been reported cases of data and security breaches on some of the online meeting applications which we will discuss in subsequent series, there are increased number of hacking attempts by the cyber criminals during this lockdown period and below are some of the articles published in the leading publications around this as well:
In this blog we will talk about Hacking, but very specifically why do people hack? What are the motivations behind numerous hacking attempts which are always happening even as you read this blog and hackers are always at work around the globe, are the hackers always bad actors… or sometimes they are good people as well…?
Let’s look at some of the most important reasons on why hackers are always at work, and why we need to be always on our toes to save ourselves, our systems & devices, our organization from the cyber-attacks:
- Hack for Money: Money continues to be the main motivation for the professional hackers or hacking groups around the world to do cyber crimes that deals with stealing of critical and personal information that can be sold in cyber black markets or dark web, or they run the extortions and demand money from the victims by taking control of the victim’s sensitive information. For example, last year we saw the biggest ransomware attack called WannaCry where millions of computers around the world were hacked and users had to pay a ransom to get back access to their computers.
- Hack to Sabotage: These are very specific and targeted attacks on the organizations aimed at destroying or stealing any critical and sensitive information, or damaging the operations of any organization and making it unfit to operate. Most of these kind of attacks arise out of professional rivalries, political motivations or simply some rogue elements aimed at destroying an organization.
- Hack to Promote: Known as Hacktivism also, the kind of hackers aim to be an idealists, some have political motives, some simple target the government, and so on. These hackers can target religious groups, governments, movements, to promote an agenda. A major example is a hacktivist group called Anonymous who has been popular around the world for challenging and taking down many governments. Another most popular example is the Wikileaks, that publishes news leaks and classified media provided by anonymous sources.
- Hack for Passion: The hackers who fall into this category are very interesting and they can be either good or bad. They hack because they love to hack, to achieve a greater sense of purpose and to prove a point. Lot of good guys known as ethical hackers love to find unknown vulnerabilities in most common websites like Facebook, apple etc. and notifying these organizations about these vulnerabilities, and in turn they get rewarded by these organization heavily if the vulnerability is proved. There are bad guys also who hack for passion and steal information or disrupt your network to make a point.
- Hack to Secure: Yes, you read it right, hacking is also done to secure lot of things. From an organizational standpoint, there are teams who continuously work to find and exploit the known/unknown vulnerabilities and fix/patch them to prevent rogue actors from exploiting them. The modern advanced countries also run cyber armies aimed at neutralizing the threats originating from a different country on them. As an example, a lot is written about how United States made Stuxnet malware and hacked Iran’s nuclear facility to prevent them or force a delay in its operations of making a nuclear bomb.
- Hack for Fun: Also known as Script Kiddies, they just hack for fun and without any professional knowledge. They use most of the information, scripts, or other details available on internet to hack into a system, or an account of any other individual. Most of these amateur hackers target social media accounts of the known people, cheat codes for online gaming or any other widely used applications on social media or internet.
I hope you enjoyed this reading and please leave a comment for any questions and discussion you would like to have. We will go more deep in our upcoming blogs in this lock down series and will also focus on how these specific attacks or attempts are being carried out, and what are the most vulnerable areas that we need to watch out for.