Skip links

How do hackers choose their targets? 

VBS IT Services

VBS Roboform password manager

Ever wondered what goes on in the minds of cyber criminals? Here we will now explore what goes on in the minds of these mysterious people. 

Cyber-attacks and data breaches happen more often than we realise. Cyber criminals are attacking all kinds of organisations on an hourly basis – damaging everyone from vulnerable small charities and non-profits to large multinational corporations. 

This makes us wonder: 

What makes a company attractive to hackers? 

Do the victims of hacking attempts have anything in common? 

If you knew your company was a likely target would you adjust your defences accordingly? 


The various types of hackers 

In order to know if you are a potential target, you will need to understand who the hackers are and what motivates them. 
There are a number of reasons why someone hacks into a computer network. The indicators are who they target, their means of compromise and preferred infiltration tactics. 


A Hacker with Unique Motivations: The “Hacktivist” 

The hacktivist has been rising in prominence thanks to the creation of groups such as Anonymous. This legion of hackers tends to be younger, less experienced and often operate either as part of a small group or even alone. Their primary motivation is an ideology or agenda, with their targets often companies or institutions that conflict with these values or beliefs. These types of operators will often try to leak information that moves public opinion. 
As a protest, they’ll also vandalise online platforms or social media sites. 

Hacktivists often target terrorist organisations, some of which you’ve probably heard of including ISIS or white supremacist outfits. They can even target local government organisations. 
Private companies as well – such as extramarital dating site Ashley Madison- might also come under fire. Hacktivists are unique in the hacking community, in the sense that their activities sometimes garner support among the public. They do however, represent a small minority of hackers. 


The Hacker’s General Motivations 

By now, this leads us to pose the question: what motivates a hacker? The most common type of hacker is motivated by money. These cyber criminals are often tied either directly or indirectly with established crime gangs, forming an industry with sophisticated methods and practices. This allows cyber criminals to take advantage of advanced intrusion methods, tools and campaigns. 
Common activities include phishing scams and ransomware campaigns. Whilst this type of operation tends to run on a much larger scale, it’s quite common for such campaigns to indiscriminately target as many victims as possible to maximise the potential earnings. 

One of the more targeted strategies of attack involves identifying wealthier organisations and using spearphishing or direct network intrusion attempts to carry out operations such as fraud, theft or blackmail. 
These kinds of attacks are generally aimed at private sector organisations, as these tend to be wealthier than public sector bodies. 

Another key member of the hacking community is the state-sponsored operative. These hackers operate under the banner of a specific government and are enlisted to carry out attacks on their behalf. For the purposes of plausible deniability, they are often hacktivists or common cyber criminals whom the government in question employs on a freelance basis. 

These ‘nation-state actors’ are like both other kinds of hacker in different respects. They sometimes attack specific victims based on political motivations, such as the case of the Sony Pictures hack. The conclusion of this when carried out by North Korea was a delay to the release of “The Interview,” or in Russia’s hack on the Democratic National Committee (DNC). 
They have also been observed to carrying out financially-motivated attacks, with the same North Korean-linked group behind the Sony attack also being accused of spreading the Magecart credit card skimmer to swell the country’s coffers. 

Another type of hacker that operates in a coordinated, organised manner is the APT actor.  Standing for “advanced persistent threat,” APT actors conduct prolonged cyber against specific organisations, institutions or individuals. Although infiltration and data exfiltration are common hallmarks APT actors, in the main they are solely focused on espionage, disinformation, denial, disruption or destruction, usually in support of kinetic or military operations. 

It might all sound a bit too scientific, however results show that cyber criminals can be motivated by a mixture of goals and will often dictate who will be chosen as the next victim. For most, the motivation is straight-forward and somewhat unsurprising: money. 
Most hackers will be greedy and focus on their own wealth and well-being. This is why they will often resort to blackmailing victims through ransomware or using various phishing techniques to fool them to make a transaction. 

Once money is the primary, if not sole motivator, it makes perfect sense for them to target someone who is known for wealth. This includes larger corporations, especially the publicly traded ones which are known to generate a substantial profit. 
Additionally, these companies are likely to pay the ransom and not disclose the attack. Public knowledge of the incident is likely to negatively impact their share price and reputation. 

This doesn’t mean that smaller companies and individuals are safe from any type of hacker. One popular tactic adopted by cyber criminals is a mass-impact attack, which targets a large number of victims and attempts to extort relatively small payouts from each of them. 
Additionally, one benefit of this tactic is that the stolen sum might go unnoticed, whilst even those who spot the unexplained transaction are unlikely to report it to the police if the amount is too small to warrant the effort. 

For ideological attacks, the motivation becomes a touch cloudier. Human nature is such that there are countless reasons why someone may take issue with a company’s actions. They may disagree with a specific element of your values, your recent actions, or you simply represent a system they wish to strike a blow at. 

The aim is to humiliate the victim regardless of the motivation in mind, usually achieved by focusing on things that the target would prefer to remain unseen. Internal emails are often a key target for hackers in this scenario, as are financial documents which may indicate potential wrongdoing. 

However, one common thread which runs through almost all of the cybercrime that we see – laziness. Hackers will always go for the easiest option. No hacker will use a finely crafted zero-day attack if they can exploit a set of unchanged default credentials instead. Similarly, when presented with more than one potential target, the less well-defended one will always be the top choice. 

Hackers now have access to just as many scanning and analysis tools as security teams. It’s trivial to assess how many potential routes of entry there are into a prospective victim’s network, so it pays to make sure that your own applies security best practices.  

Miguel Ribeiro 2022 face

We offer a free technology consultation. Click here to learn more.

Proud To Deliver Game-Changing IT Support in Toronto: Trust VBS

Our IT services help businesses in Toronto, Mississauga, Markham and Richmond Hill transform technology into an empowering asset for their success and profitable growth. Our expert team of friendly IT Support & Cybersecurity specialists keeps your day-to-day IT running efficiently and smoothly, while empowering your strategic success and Cybersecurity. With a unique offering that configures and integrates CRM capabilities with your existing tools and workflows, we help businesses to sharpen their competitive edge.

Curious to see the difference that VBS can deliver for your business and goals? Digital excellence is just a click away!


Remote Work vs. Office: Analyzing the Benefits and Drawbacks

Company Versus Personal Computers – What are the Risks