Unlike cybercriminals, hackers are not necessary interested in someone’s money or secrets, so what drives them to be what they are? A security firm, called Thycotic has taken on the challenge and surveyed over a hundred conference visitors who consider themselves to be hackers.
The findings supposedly reveal motivations behind hackers’ actions and their weapons of choice. Use this insight to plan your own cyberdefense. It is very interesting, but 86% of hackers are sure they would not be punished for their deeds nor need bear responsibility for the consequences.
Impunity is the primary call to action for cybercriminals. Another amazing moment defines the weakest link amongst personnel whom hackers would use to infiltrate an organization’s security system. 40% of respondents would choose the company’s contractors as their primary targets. Usually contractors have access to corporate networks but are not entirely embraced by the corporate security policies. Curiously, information security administrators take the lead in this rating. Although they are mostly aware and prepared to handle the attack, 30% of hackers aim at them in their efforts to breach the corporate network.
Curiously, Thycotic’s list does not include PR or HR personnel who are traditionally regarded as highly vulnerable to targeted attacks. The survey also reveals shocking findings regarding the motivation behind hacking as hackers themselves describe it. Over a half of the surveyed hackers (51%) attack everything they lay an eye on ‘just for fun or the thrill’, whereas a relatively low proportion of respondents (18%) pursue material benefit. Almost 30% of hackers follow ethical principles, which is good.
The majority of hackers are realistic and acknowledge that possessing certain capabilities does not always mean that they themselves are safe. In fact, 88% think that they run a high risk of their own personal data being stolen by other attackers.
