Two hackers in a dark room with multiple computers choosing victims from around the world. Two hackers in a dark room with multiple computers choosing victims from around the world.

How Do Hackers Choose Their Victims & What They Want

Hackers launch cyberattacks every 39 seconds, affecting 1 in 3 Americans, according to a University of Maryland study. But what do hackers want, and how do they choose their targets?

Hackers choose their victims where there is a higher probability of easy financial gain. Some cyberattacks are motivated by activism and target individuals, governments, and corporations. Hackers may also be directed to attack designated targets. It’s rare for cybercriminals to choose random marks.

You must understand the answers to some common questions.

Two hackers in a dark room with multiple computers choosing victims from around the world.

What Do Cybercriminals Want

Hackers are primarily out for financial gain. They aim to find the easiest targets with the most monetary return on their invested time and skill.

Threat actors will typically resort to various tools to extract money from victims. Some common ways of extortion are:

  • Data ransom or exfiltration: an attacker will lock out or encrypt a company or individual’s data as a means of extortion. Examples: ransomware or selling extracted information.
  • Infrastructure theft: an attacker will take control of information systems for use rather than destruction. Examples: crypto mining or use as a botnet.
  • Denial of service: an attacker will prevent information systems from performing a routine operation. Example: DDoS using a botnet

Sometimes state agencies will hire hackers to perform operations against targets deemed as enemies of the state or for intelligence gathering purposes. These attackers are generally motivated by guaranteed paydays. Government-sponsored hackers give officials plausible deniability regarding the results of attacks.

Other hackers are motivated by activism. The portmanteau, hacktivism, describes a hacker who operates to further an ideology or political agenda. They generally work as part of a collective of other engineers passionate about helping right a societal wrong.

Some hackers are purely motivated by learning the craft or for bragging rights to their attacks. The attacks themselves are the reason for the attack. The choice of their victim is only a function of exploiting a found vulnerability.

In fact, motivation is one of the ingredients that goes into categorizing hackers.

How Many Types of Hackers Are There

There are primarily 3 types of hackers and 7 additional types of infosec actors.

  • Black Hat: Experts without authorized, lawful system or network access
  • Grey Hat: Illegal turned lawful hacker, or White Hat publicly exposes findings
  • White Hat: Defensive technicians working for a would-be target
  • Red Hat: White Hat adding vigilante-like methodologies and outcomes
  • Script Kiddies: Amateurs attackers with little intention other than showing off
  • Green Hat: Newbies in the field motivated to learn the craft
  • Blue Hat: Revenge is the primary motive; alt: outside security professionals
  • Hacktivist: Politically or ideologically motivated
  • Insiders and Whistleblowers: Those inside an organization with access to information & systems
  • Nation State-Sponsored Hackers: Covertly employed and directed by governments

Black and white hat hackers are the most commonly used and broadest descriptions of hackers. The other categories mix motivation and skill levels.

With the exception of White Hats, all other types of hackers have a secondary objective…to not get caught.

Hacker in hoodie with hands up in surrender in front of screen that says "failed".

How a Hacker Is Caught

Most threat actors cover their tracks to avoid detection. These experts employ all manner of “anti-forensic” strategies and tactics to avoid capture. They may encrypt data before transferring it out of a system, erase or modify security logs, or run malware from RAM instead of the hard drive to avoid being caught.

Despite their best effort, here are common ways a hacker is caught:

  • Human error: hackers are human (for now), and minor errors in execution can lead to being caught.
  • Correlation: hackers may repeat the same successful attacks or employ strategies that reveal a pattern when reviewed over time.
  • Vanity: hackers have or form egos during their career, which can lead to boosting their successes and being caught through this social weakness.

Only about 5% of cybercriminals are apprehended. But when a hacker is caught and arrested, there are generally, at a minimum heavy fines. Extreme cases of cybercrime lead to years in prison, if not worse.

The luckiest of hackers may eventually reform and start using their skills to the benefit of individuals, companies, and government agencies as a White Hat. These experts become vital parts of an organization or discover new ways to help information systems.

Why Hackers Are Important

Hackers are essential because of their contributions to innovations in computing and their ability to uncover security flaws in information systems. Cybercriminals attacking IT infrastructure give hackers a bad reputation primarily due to the negative impacts of their efforts. 

Innovators like Steve Jobs, Mark Zuckerberg, and Bill Gates are some of the most notable names of hackers in modern times. These experts took their skills and love for computing technology to the next level capitalizing on their ability to recognize problems and design solutions.

Hackers are avid and voracious learners who hone their programming skills using several coding languages and platforms. This experience makes most hackers very effective coders. High tech companies employ some of the most experienced development engineers giving them latitude to experiment and solve today’s most challenging computing and non-computing problems in unique ways.

The typical hacker is also a good sleuth in testing software for standard errors and would-be security vulnerabilities. Governments and companies employ hackers as QA engineers and perform penetration tests on software and infrastructure products. Hackers are some of the most detailed-oriented engineers.

Remember that not all hackers are malicious. Hackers can be valid contributors to society and are especially important as more of the functions of modern society is increasingly reliant upon computers and the internet.