Security Fundamentals

Motivations of Malicious Hackers

Why do people hack?

1. Commit Cyber Crime

Crimes against individuals, groups, companies or governments. Mostly people commit cyber crime for
  • financial reasons (to steal money or use other people's money to buy things which they can later turn into money, or hold to ransom by encrypting information and only selling the 'key' in exchange for money).
  • Others may commit cyber crimes for revenge (may have been sacked or 'dumped')
  • Break copyright by watching films/programs or downloading music or programmes without paying for it.
  • A few others may commit cyber crime for 'Grooming' by pretending to be someone other than themselves for some gain.
Hacker Motivations

2. Carry out Hacktivisim

This involves the act of hacking or breaking into a computer systems for political or socially motivated purposes. Hacktivisim is often related to or excused on the grounds of free speech, human rights or freedom of information. While 'hacktivists' argue that what they do is ethical - a right and proper thing to do. - it's doesn't mean it's not malicious.

3. Cyber Espionage

"The name is Bond: James Bond" Not really, but Cyber Espionage or cyber spying, is about the stealing of secrets stored digitally on computers.

This can be done by one company spying on its competitors or by countries spying on the secrets of others.

While the video concerns China's efforts at cyber spying, most countries are involved, even the UK through GCHQ.

Cyber warfare

4. Conduct Cyber Warfare

"Cry havoc and release the dogs of war!" or at least a switch on a computer.

This is where one nation state attempts to penetrate the computer networks of other countries with the aim of causing damage or disruption. Essentially it is warfare carried out on computers.

Cyber warfare as a motivational factor may only account for a small number of attacks, but their consequences can be enormous. Imagine what the consequences might be for example, if the power-grid was switched off; the banking network closed down or air traffic control corrupted.

Tasks

Committing crime isn't always about theft and financial gain. So in your OneNote book:-

  1. In the Security Fundamental section, add a page titled Hacker Motivations.
  2. Create a list of reasons of why people engage in cyber-crime.
  3. Read Hacker jailed for revenge .... It's an oldie but funny if you weren't involved.
    1. In your notebook explain what the hacker did and why?
    2. Explain how the hacker was able to access the sewage system.
  4. Name one of the biggest file sharing sites in the world.
    1. What crime is committed by users of this site?
    2. How are governments trying to get this site closed down?
Sewage Plant

Well, as it turns out, if its Cyber-warfare, quite a lot. All the major powers have cyber-troops looking at ways to disrupt the technology of the 'other side'.

Stuxnet, one of the first and most successful 'weaponised' programs, was used to disrupt Iran's nuclear program for years. Although everyone denies it, USA is getting the credit or blame for developing it.

Read about Stuxnet by following the link How Stuxnet attacked a nuclear plant.

  1. In your notebook under the section titled Hacking Case Histories:-
    1. Under a sub heading Victim. Identify the principal target of the attack.
    2. Under a sub heading Motivation, describe what you think was the motive of those carrying out the attack.
    3. Under a sub heading Method, briefly describe what the computer worm did. How did the malware get into the system.
    4. Under a sub heading Reasons for success, explain why the malware was so successful.
    5. Under a sub heading Lessons Learned, explain how you think the attack could have been halted.

You can find more about how Stuxnet worked by reading the companion link at What made the world's first cyber weapon so destructive?

Make sure you check out the short videos in Section 3. CLICKABLE: Sophisticated and specific.

Normally not much would be known about malware used by governments. But Stuxnet is one of the most studied because it was one of the first and most successful. It also remains one of the most sophisticated.

You should be able to:-
  • List the principal motivations of malicious hackers.
  • Explain why some individuals and groups might want to commit cyber-crime.
  • Explain the term Hacktivism.
  • Provide an example of Cyber-warfare.

If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information again.

Cyber Security

  • Security Fundamentals
  • Data Security
  • Digital Forensics
  • Ethical Hacking
Supporting courses by the SQA Logo
css badge
html badgee