One of the worst things that can happen to you on the Internet is that your website is hacked. If that happens you’ll probably panic and, after that, you’ll try to solve the problem as soon as possible. Once you get everything back to normal, usually you ask yourself the typical question: why me?
Before trying to answer the question that heads this post, let’s see in more detail the definition of hacker:
We see that, according to the dictionary, a hacker is someone who hacks into other people’s computer or phone. But the truth is that a hacker is someone who is expert in the use of computer systems and their security. Therefore, a hacker does not have to be someone dangerous or criminal.
The hacker term is differentiated from cracker, more usual and precise if we want to refer to cyber-criminals. In the remainder of the post, I will use the term hacker with the popular semantics of cracker or cyber-criminal, even though we already know now that it is not quite correct.
Reasons Behind a Computer Attack
It’s not personal, it’s just business.
It may seem incredible but if your website was hacked it is very likely that whoever has done so has no personal interest in you. Surely that person does not even know you. As we will see below, the main reasons for a hacker to “work” on your website are others.
You will rarely find out that your website is being hacked. Visiting your website and finding a message from a hacker of strange origin on the main page claiming who knows what… that is becoming more old fashioned nowadays.
Anonymity is much more profitable to the hacker, because if you don’t realize you’ve been hacked, they can continue controlling your website. For what reasons?, you may ask… The answer is very simple. Most attacks today are carried out to monopolize resources that allow hackers to perform larger actions afterwards.
A hacker who is interested in taking down an important website to get his minute of glory will need to hack thousands of webs previously to control their resources and prepare a denial of service attack (causing thousands of servers to try to access the attacked web at the same time, overloading their servers due to huge amounts of parallel requests).
The same occurs when mining cryptocurrencies. Setting up server farms costs a lot of money, so hackers follow a more profitable approach getting control (illegally, of course) of thousands of websites with security problems so that, without you knowing, they use your resources to mine bitcoins, for example.
So, unless you are someone really important, if you have been hacked they have done it for your resources and not for something specific against you.
Proof of Superiority
Hackers will break into your website exploiting a security breach for the simple reason of showing that they can do it. This is something that has been happening since the beginning of the Internet.
To make a name on the web, many tried to hack computer systems of outstanding importance. I am referring to a wide range of systems, from government-related to the latest smartphone that goes on sale.
Everyone is aware of the interest of large companies to recruit these security experts in their staff so that they end up putting their knowledge at their service. Hence, many hackers want to get a name on the web by detecting and reporting security breaches.
Cyber Activism or Hacktivism
Freedom of information, the fight against censorship, climate change, political ideas… any topic that generates some controversy may be the motivation for a team of hackers to decide to carry out an attack to a web.
Even when looking for documentation for this article I found concepts as surprising as crime as a service. It refers to being able to hire the services of a team of hackers to perform the cyber attack you want. You just have to do a search in the traditional media to find the most curious headlines.
Finally, the main reason for most large-scale cyber attacks is none other than money. We are already used to see in media news about data breaches in systems with thousands of users. These data can include email addresses and passwords, or even information about credit cards. And all this can be sold online.
It’s interesting to take a look at this website where you can enter your email address and you will see in how many security breaches your data has been leaked at some time. Incredible!
What is clear is that nobody is interested in being hacked. To avoid falling into the networks of hackers remember to keep your site up-to-date, follow best practices on management and maintenance of your website and, if in spite of this you end up being hacked, have backups ready to be able to revert the situation as soon as possible.
In the end, if you have an alarm in your house because you want to protect your valuables from robbers, you should do the same with your website if it has content and valuable data. Trying to save money in this can be very expensive afterwards.