Council Post: Why Do Hacks Happen? Four Ubiquitous Motivations Behind Cybersecurity Attacks

Andrew Newman is the founder & CTO of Reason Labs, a cybersecurity company providing enterprise-grade protection for users around the world.

Cybersecurity attacks occur all around the world every single day. Whether it’s customer data being stolen, ransomware being deployed or cryptojacking, cybercrime is on the rise.

However, if one ponders the nature of these attacks, there seems to be an uneven phenomenon occurring. On the one hand, there may be a newsworthy story of one lone actor crypto mining illegally, and in the same breath, we’ll hear about entire ecosystems being attacked. From tiny fish to great big whales, why is the nature of cyber attacks so diverse?

At a basic level, one could argue that cybercrime is typically about making money. But when we delve further into the motivations behind cyber attacks, there are four driving forces.

Financial Gain

Let’s start with the obvious motive, financial gain. In 2022, cyber attacks driven by a payday are still at an all-time high. Ransomware—where the aim of the game is to hold you to ransom for cash—is a key player.

Phishing scams are one of the most common distribution methods of ransomware and other malware, as evidenced by RAV researchers in Reason Labs’ 2022 State of Consumer Cybersecurity Report. Spray phishing, spear-phishing and whaling attacks are still the number one methods used by attackers to bait consumers into giving up their money. And the attackers are getting more clever. We now have browser-in-browser attacks that are, unfortunately, even more difficult to spot.


For The Sake Of It

Sometimes a vulnerability is simply an accidental finding that someone tech-curious has found and messed around with. Or sometimes, a prankster will simply want to see what carnage they can cause. So many items are connected to the internet these days that if someone is inclined, the world is their oyster.

The LAPSUS$ Group, one of the most high-profile hacking groups of 2022, seems to consist of British and Brazilian teenagers hacking just for jokes—although they too have branched out into the ransomware arena. This year they threatened Nvidia, the largest microchip maker in the U.S., that they would release 1 TB-worth of data unless a ransom was paid.

Cyber Warfare

Cyber warfare’s purpose isn’t solely to steal a nation’s sensitive data through cyber-espionage tactics or wreck their financial resources. It also causes destruction and chaos to its citizens, charging like a hurricane through a network or device. The perpetrators often want to create a state of fear and paranoia.

Many cyber warfare tactics today include deploying ransomware and finding vulnerabilities in a nation state’s critical infrastructure, such as electricity, pipelines or communication networks. Most notably, wiper attacks have become a common cyber warfare weapon.

Wipers are a piece of malware that wipes your computer. These are used to target computers in warring countries, affecting a country’s integral systems, including medical organizations, transport links and internet networks, leaving small businesses and consumers to become collateral damage.

As a result, we have a collective urgent need to protect consumer infrastructure—so much so that CyberPeace Institute, a Geneva-based NGO, is advocating that attacks against civilians may, under international humanitarian law, amount to war crimes. At the end of the day, it’s ordinary people who suffer.

And as mentioned above, even if the worst doesn’t occur, the specter of a catastrophic incident hanging over organizations, governments and nation-states causes panic and nervousness. The current Russia-Ukraine war has caused many in the industry to predict widespread cyber harm, but how many of these predictions will pan out remains to be seen.

Data Theft

Having mountains of data at your fingertips gives you overwhelming power. There have been instances in the past that display the vastness of data breaches, e.g., the First American Financial Corporation data breach of 2019, which affected 885 million data records, or the Facebook data breach of 2021, which compromised 533 million records.

Data theft of the future is constantly expected on popular platforms that may have vulnerabilities. For example, despite being originally intended for gamers, so many businesses now use Discord that it has become susceptible. This is because there is more opportunity for threat actors to use the platform for malicious activity. Frustratingly, there is little chance of motivation behind data theft dissipating in the future because user data will always be valuable—circling us back to financial gain.

Additionally, hacktivism is on the rise, a major type of data theft that can sometimes merge into the aforementioned cyber espionage as well. For example, hacking group Anonymous’s recent hacktivism campaign against Russia has resulted in the disabling of Russian media, government and corporate websites and data leaks from prominent organizations, all affecting consumers’ daily lives.

In Conclusion

Amidst all this international mayhem, antivirus providers are focusing on protecting individual technologies, But ultimately, with so many smart devices and larger networks and servers, everything links up. To create successful defenses against cyber attacks and pre-empt escalating situations, it is important to understand, and get into the mindset of, what motivates the attacker.

Financial gain will always be a driving force for many decisions humans make. We must understand the far-reaching consequences of the invasion of our privacy and wider networks.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

Council Post: The Rise Of Web3: What Cybersecurity Concerns Should We Look Out For?

Andrew Newman is the founder & CTO of Reason Labs, a cybersecurity company providing enterprise-grade protection for users around the world.

Web3 is the kitschy term that refers to the next iteration of our internet—including cryptocurrencies, decentralized networks, the blockchain and more. While for many people the concept of Web3 seems a futuristic, light-years-away idea, the truth is that it’s much more impending than we think, with many elements already firmly entrenched in the wider public consciousness. Nine countries have already launched Central Bank Digital Currencies (CBDC)—virtual currency backed and issued by a central bank.

The cutting-edge technologies of Web3 are revolutionizing industries and parts of everyday life, which also means they bring with them novel security threats. This begs the question: With such nascent technology, what other kinds of emerging threats are out there? And how do we protect ourselves?


As with all popular trends, it doesn’t take long for cybercriminals to jump on the bandwagon. In Reason Labs’ State of Consumer Cybersecurity report, RAV researchers revealed 2021 was “the year of the miner.” The number of crypto miners distributed throughout 2021 was enormous, as almost 60% of all Trojan activity detected last year were miners. It’s a threat that, although it may not harm a user’s device like traditional malware might, will directly affect a user’s pockets—your electric bill can skyrocket from the constant use of computing power as crypto coins are harvested without your consent.

It’s difficult to know where to draw the line on crypto mining. The subject has raised a bunch of questions involving the ethics around it: Is crypto mining legitimate? Is it a threat? Do we need permissions? Either way, leveraging people’s computers to carry out activities without their consent is most definitely a giant no-no.


Blockchain Vulnerabilities

There are definitive security concerns surrounding digital currency. Contrary to popular belief, the cryptocurrency blockchain is not an impenetrable force. When you or trusted sources operate the majority of a blockchain, it’s secure. But if a simple majority of more than 51% of the blockchain is controlled by malicious miners, it breaks the chain, making it susceptible to manipulation—and worryingly, these so-called “51% attacks” are also on the rise.

In 2020, bitcoin gold, a relatively minor cryptocurrency, suffered a 51% attack resulting in over $72,000 worth of bitcoin gold tokens being double-spent. And just last month, Axie Infinity, the play-to-earn crypto game, was hacked to the tune of $625 million by hackers stealing from the underlying Ronin blockchain—taking crypto heists to shockingly high new levels. Many in the cybersecurity industry would regard an event like this as a learning curve, but it’s a pretty expensive lesson!

Phishing Threats

Another threat that is likely to inveigle itself into the Web3 domain is phishing. Phishing is nothing new; however, the manner in which it’s being used today is. In October 2021, attackers used phishing emails to rob cryptocurrency from 6,000 customer accounts at Coinbase by exploiting a flaw in its two-factor SMS system. Another malicious example of this kind of theft was seen in February, when $1.7 million in non-fungible tokens (NFTs) were stolen in a phishing attack on OpenSea users. Over 250 tokens were stolen by an attack that exploited a hole in the Wyvern Protocol, which is the standard that underlies most NFTs.

These examples exhibit how the technological world’s rapid race for development and constant turnover is both its greatest asset and its biggest downfall. On the one hand, the Web3 “Industrial Revolution” is set to make great waves in terms of easing everyday life and making certain technologies available to the average consumer. On the other hand, as companies rush to be the first product on the market, holes and vulnerabilities that weren’t expected can appear, and there is a higher chance of data compromises.

The Need For Education

This brings us back to a theme I’ve discussed here before: the importance of education surrounding cybersecurity. How do you stop phishing scams? What does it mean to be cyber safe? How do you fully trust something? Teaching consumers to ask—and providing answers to—these questions is crucial. Learning to recognize suspicious signs will raise consumer awareness where the safety of their devices, and their data, is concerned.

Additionally, next-generation antivirus (NGAV) and endpoint protection solutions are a necessity. Attackers are always trying to tip the scale in terms of trust. We need a combination of the human brain, instinct and AI machine learning to detect and flush out novel threats.

Unfortunately, the “freedom” and end-user ownership that Web3 will offer consumers is the same freedom that cybercriminals will also be able to enjoy. We need to find a solution whereby the vision of an autonomous web for all can be experienced, without opening up a huge can of worms.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?