The main attraction during the annual Black Hat hacker conference is the demonstration of vulnerabilities of something which would definitely not spring to your mind when thinking about security – say, cars or toilets. But an even more interesting at BlackHat are the security gurus, which frequently refer to themselves as hackers. Unlike cybercriminals, hackers are not necessary after someone’s money or secrets, so what drives them to be what they are? Thycotic, a security firm, has taken on the challenge and surveyed over a hundred conference visitors who consider themselves to be hackers. The findings supposedly reveal motivations behind hackers’ actions and their weapons of choice. Use this insight to plan your own cyberdefense.
Amazingly, 86% of hackers are sure they would not be punished for their deeds nor need bear responsibility for the consequences. Impunity is the primary call to action for cybercriminals.
Another interesting find defines the weakest link amongst personnel whom hackers would use to infiltrate an organization’s security system. 40% of respondents would choose the company’s contractors as their primary targets. Usually contractors have access to corporate networks but are not entirely embraced by the corporate security policies.
Curiously, IT administrators take the lead in this rating. Although they are mostly aware and prepared to handle the attack, 30% of hackers aim at them in their efforts to breach the corporate network.
Even hackers consider their personal data vulnerable to scams – a shocking 88% of them!Tweet
Curiously, Thycotic’s list does not include PR or HR personnel who are traditionally regarded as highly vulnerable to targeted attacks. The survey also reveals amazing findings regarding the motivation behind hacking as hackers themselves describe it. Over a half of the surveyed hackers (51%) hack everything they lay an eye on ‘just for fun or the thrill’, whereas a relatively low proportion of respondents (18%) pursue material benefit. Almost 30% of hackers follow ethical principles, which is good.
The majority of hackers are realistic and acknowledge that possessing certain capabilities does not always mean that they themselves are safe. In fact, 88% think that they run a high risk of their own personal data being stolen by other hackers.