Why Hackers Hack: Visualizing The Motives Behind Cyberattacks

Cyberattacks caused $450 billion of damage to the global economy in 2016, and this number is predicted to keep rising as we keep adding more connected devices to the mix.

As Visual Capitalists's Jeff Desjardins notes, the magnitude of this impact should not be understated. It’s bigger than the size of notable economies like the UAE ($371B) or Norway ($370B) – which is why it’s no surprise to see organizations putting major resources to shore up their internal defenses and to reduce the risk of threats.

But while the origins of this cybersecurity boom may be clear, what is less obvious is why all of this hacking is happening in the first place.

Why do hackers hack, and what are the motives behind these powerful cyberattacks?


Today’s infographic comes to us from Raconteur, and it breaks down the statistics from a couple of large global studies on cybersecurity.

Courtesy of: Visual Capitalist


One of the first datasets shown comes from Radware, showing the motives behind why hackers hack:

  • Ransom (41%)
  • Insider threat (27%)
  • Political reasons (26%)
  • Competition (26%)
  • Cyberwar (24%)
  • Angry user (20%)
  • Motive unknown (11%)

Interestingly, ransom is a top motive at 41% – but other reasons like politics, competition, and cyberwar were pretty evenly distributed in the mix as well.

Verizon, in their 2017 Data Breach Investigations Report, break down the motives of hackers in a different way. Using the three wider categories of “Financial”, “Espionage” and “Fun, Ideology, or Grudge (FIG)”, here is how cyberattacks look over time:



Most notably, espionage appears to be on the rise.

That’s significant, because over 50% of hacks already come from organized criminal groups, and close to 20% originate from state-affiliated actors. With espionage becoming a more common motive, it suggests that cyberattacks will continue getting more sophisticated and deliberate, and that specialized teams of hackers are executing a growing percentage of the attacks.

(For a real-time view of this espionage in action, make sure to watch cyberwarfare happening in real-time.)


Hackers hack for a multitude of different reasons.

However, it does seem that the actors and motives for hacking are gradually shifting over time. Fewer cyberattacks today have FIG motives (fun, ideology, grudge), and more attacks are increasingly tied to espionage.

With more deliberate, determined, sophisticated, and team-based attackers – it’s no wonder that the cybersecurity industry is growing at a 9.5% annual clip.


J. Peasemold G… ACP Fri, 01/05/2018 - 01:38 Permalink

ACP, the infographic design and layout is difficult, putting it politely.


The Motivation figures quoted are not mutually exclusive and hence do not add up to 100%.

One can be motivated by ransom and for political reasons, or an insider working for the competition.

How they come by the figures is not clear as the motive percentages at the top of the chart and the motives illustrated in the Data Breaches chart are not easy to correlate.


J. Peasemold Gruntfuttock

In reply to by ACP

shitshitshit J. Peasemold G… Fri, 01/05/2018 - 05:24 Permalink

if you don't know about the other attacks that are not twarted you're definitely having a sampling problem, hence the credibility of the result is compromised.

As an example, you will never know the global proportion of espionage cases because it's very hard to tell the difference if the job is well done. So discussing about the trend behavior is particularly irrelevant.

reminds me of debates about cosmology where people create a model of the universe whereas they don't see the end of it (most likely because it is inifinite) and then claim perpetual inflation or big bang or god knows what, and change/adapt their model with every new generation of telescope.

In reply to by J. Peasemold G…

FrankDrakman shitshitshit Fri, 01/05/2018 - 09:57 Permalink

reminds me of debates about cosmology where people create a model of the universe whereas they don't see the end of it (most likely because it is inifinite) and then claim perpetual inflation or big bang or god knows what, and change/adapt their model with every new generation of telescope.

Which reminds me of the debates about global warming... the AGW crowd creates a model that they don't really understand, and then force fit all the new data into it. Procrustean science!


In reply to by shitshitshit

pigpen Fri, 01/05/2018 - 01:28 Permalink

Brave browser blocks advertising, tracking and most important MALWARE by DEFAULT on any device and operating system.

He who controls the browser controls the security and money.



Precious Hawk pigpen Fri, 01/05/2018 - 04:41 Permalink

I guess you didn't see yesterday's Intel report.  A gaping hardware fault.  No computer based on the current cpu design is safe and the only current "fix" will slow your computer down 30% or so.

Gentle reminder for HODLs, keep your bitcoin data on a dongle, not on your PC and do regular checks for "keylogging" software on your computer.

If you don't know what that is, then look it up. 


In reply to by pigpen

The_merovingian Fri, 01/05/2018 - 03:20 Permalink

There is a $255 bn bounty on Ripple and their entire network relies on just 3 servers.

You can short XRP on several trading platforms like Plus 500, iq option, etoro, etc…

Ripple is by far the most overvalued “crypto” and one of the most vulnerable. Just saying…

DaBard51 Fri, 01/05/2018 - 09:57 Permalink

Asked why he robbed banks, Willie Sutton said,

"Because that's where the money is."



When nine hundred years old you become, look this good you will not.