Cyber security: What drives online criminal activity?

Developing a greater understanding of why your company is being targeted by cyber-criminals is the first line of defence. As technology evolves, so do the threats to all businesses. The most common motives for attack are: theft, extortion, malicious intent and morality.


Cyber criminals send more than 100 billion spam e-mails daily to capture information they sell on the black market. With data such as credit card numbers changing hands for as little as 2 pence, it is vital they cast their net wide, using sophisticated phishing techniques which affect all companies and individuals alike. Malware and viruses are also key methods for harvesting data for identity theft. Companies hold valuable employee information which must be safeguarded from attack through investment in the latest IT security.


Extortion using ransomware has become a profitable industry for hackers, growing by over 100% last year. This is because companies, faced with the threat of business interruption and loss of core data, may feel they have no choice but to pay the ransom. Hackers may only demand a ransom of $300-$500, because it’s low enough to seem an acceptable payment amount yet not enough to get the FBI or relevant authorities involved. Encrypting all back up data and securing IT systems and devices from external attack is critical in staying one step ahead of the online extortionists.

Malicious intent

Just last week, hacker group Lizard Squad disrupted the UK National Crime Agency website in order to show off their ability to cause disruption at will and raise awareness of their cause. It’s not just external threats though – the danger of insider-led malicious activity is a genuine risk for all companies. A disgruntled employee with access to IT systems and personal data can cause far more physical and reputational damage than a faceless cyber-criminal. This highlights the need for robust internal training and security restrictions around access to sensitive data.


Morality-led and hacktivist activity is focused on the belief that the cyber-criminal has a valid and ethical reason for their actions. For example former U.S. government employee Edward Snowden leaked classified information from the National Security Agency in 2013 and the rights and wrongs of this are still being debated today. The key risk here is reputational damage and although anticipating a hacktivist or ethical attack can be unpredictable, it should not prevent companies developing carefully worded communications strategies to deal with just such an event.

Understanding the motivation behind cyber-criminal activity plays a major part in developing best practice cyber-security policies. As technology evolves and the cyber-criminals adjust to new ideas such as microchip implants in humans and biometric payment systems, it opens up a whole new world of risk mitigation that businesses must recognise and act upon to securely protect their data and their reputation.

This article is part of a Cyber Security blog series by Scott Sayce, Underwriting Director at CNA Hardy, and has been reproduced with permission. To read more of Scott’s blogs, or for more information about CNA Hardy, click here.