What do hackers actually want? The answer varies widely depending on which types of cyberattacks you're talking about. Here's a look at the most common motives behind attacks by hackers.
I should preface this article by noting that technical communities lack consensus regarding the meaning of "hacker."
Historically, the term has referred to people who build new things or make them better, not break into software systems for malicious purposes.
For the purposes of this article, however, I'll be using "hacker" in the negative sense, to describe people who seek to gain unauthorized access to software or hardware.
Identifying What Hackers Want
We tend to treat hackers more or less as a single group. Yet in reality, there are many different types of hackers. Their strategies and methodologies vary. So do their motivations, which fall into the following main categories:
Some cyberattacks are designed to gain unauthorized access to data so that the data can be exploited in some way.
For example, exploiting consumer data was probably the goal of the hackers behind the Equifax attack in 2017.
In attacks like this, stolen data can be used to steal more information or assets from the parties who are affected.
Holding Data Ransom
In other cases, hackers might steal (or otherwise gain control over) data with the goal not of holding onto it permanently, but of charging a ransom to give it back.
This was the motive behind the recent Wannacry ransomware attack.
You could categorize these attacks as a form of data exploitation.
However, they differ in that the goal of the attacks is not to exploit the information within the data itself, but rather to make money by holding data for ransom.
If you're a hacker, you want access to computing resources and you don't want to pay for them. In these instances, you might launch an attack designed to steal infrastructure.
Such an attack allows you to take control of the storage, compute or network resources owned by other people. Hack 'em and you can then use these resources for yourself.
In some cases, hackers execute an attack against infrastructure in order to host websites or ads.
In other cases, their goal is instead to create a botnet of other people's servers and computers. The botnet can then be used to execute other attacks.
Among the most common types of attacks that are executed with a botnet (although this is not the only way to launch these attacks) is a denial-of-service (DoS) attack.
DoS—or Distributed-Denial-of-Service (DDoS)—attacks aim to prevent a website or other services from working.
The October 2016 Dyn DNS DDoS attack is the most recent major example of an attack designed to deny service.
Why would hackers want to deny service? Sometimes, it may be simply because they can. There was no clear motive in the Dyn DNS attack, for example; it was probably the work of attackers who just wanted to see if they could successfully shut down a large portion of the Internet.
But in other cases, denying service to critical websites or services could be a way to cause harm.
For instance, shutting down the network that a power plant depends on to operate would have serious real-world ramifications.
The world is a dangerous place. But when it comes to cybersecurity, it is so for a multitude of reasons.