DataBank Establishes $725M Financing Facility to Support Growth. Read the press release.

Why Do People Commit Cyber Crimes?

Why Do People Commit Cyber Crimes?

In business, as in life, it can be very helpful to have at least some understanding of why people behave in a certain way. For example, in IT security, it can be very helpful to ask “Why do people commit cyber crimes?”. Understanding what leads people to commit cybercrimes can help to stop them.

Why do people commit cyber crimes?

Fundamentally, there are only two reasons why people commit any sort of crime. One is that they act on the spur of the moment and make an inappropriate decision. The other is they believe the potential reward is high enough to justify the potential risk. In the context of cybercrimes, it tends to be the latter.

This means that the practical answer to the question “Why do people commit cyber crimes?” is that businesses fail to implement robust enough security to deter attackers.

Why do cybercriminals attack businesses?

There are currently three main reasons why cybercriminals attack businesses. These are financial gain, espionage and sabotage.

Financial gain

Financial gain is one of the main reasons why cybercriminals attack businesses. They aim to obtain sensitive information, such as financial data or intellectual property, that they can use to generate profit. Cybercriminals may sell this information on the dark web or use it to commit fraud or extortion.

Some common methods used by cybercriminals to obtain financial gain include the following.

Ransomware attacks

Ransomware attacks have emerged as a prevalent form of cybercrime in recent times. Such attacks involve the use of malware to encrypt a victim’s files, making them inaccessible. Cybercriminals responsible for such attacks demand a ransom payment in return for providing the decryption key that unlocks the files.

Business email compromise (BEC)

BEC attacks typically involve a cybercriminal gaining access to a business email account through social engineering tactics, such as phishing or spear-phishing. Once access has been gained, the attacker will monitor the account and use the information to craft convincing emails that appear to come from the legitimate owner of the account, such as a CEO or other high-ranking executive.

These emails will typically request urgent or confidential actions, such as wire transfers or the release of sensitive information. The emails may also include legitimate-looking invoices, purchase orders, or other documents that trick employees into making payments or providing sensitive information.

Cryptocurrency mining

As the value of cryptocurrencies has risen, cryptocurrency mining has become a prevalent type of cyber attack where an attacker exploits a victim’s computing resources to mine cryptocurrency.

In this type of attack, the attacker typically installs malware on the victim’s device or network to use the device’s processing power to solve complex mathematical problems that generate new units of cryptocurrency.

Once the attacker generates cryptocurrency, it is transferred to their own digital wallet, while the victim may be oblivious of the attack until they notice that their device is running slower than usual or their electricity bill has risen sharply.


In an espionage attack, the cybercriminals aim to gain unauthorized access to a target’s sensitive information, such as trade secrets, intellectual property, or government secrets. They may also be interested in monitoring the target’s activities, stealing sensitive data, or disrupting their operations.

Espionage attacks are often carried out by advanced persistent threat (APT) groups, which are sophisticated cybercriminal organizations with a high degree of skill and resources. These groups use a variety of tactics, techniques, and procedures (TTPs) to gain access to their targets’ networks and systems, including social engineering, spear-phishing, and other forms of targeted attacks.

It is, however, also worth noting that espionage can also be carried out by small-scale cybercriminals, even individuals. In these cases, the tactics may not be at all sophisticated. They may, however, still be very effective, particularly if the company’s security has holes in it. Disgruntled employees may turn to espionage, especially if they are due to leave the company anyway.


Sabotage is a type of cyber attack that has the malicious intent of disrupting an organization’s operations. The primary objective of this attack is to cause damage to the victim’s infrastructure, systems, or data, which can result in financial losses, harm to reputation, and interruption of critical services.

Sabotage attacks can be carried out by external attackers, insiders, or business competitors, and they may employ various techniques to achieve their goals. These include data destruction, system destruction, physical damage, and supply chain attacks.

Data destruction involves deleting or corrupting critical data, while system destruction attempts to disrupt an organization’s infrastructure or systems. Physical damage involves physically damaging an organization’s infrastructure or equipment, while supply chain attacks compromise an organization’s software or hardware supply chain.

Read More:

The Importance Of Cloud Security Compliance: Ensuring Data Protection And Privacy

Share Article


Discover the DataBank Difference

Discover the DataBank Difference

Explore the eight critical factors that define our Data Center Evolved approach and set us apart from other providers.
Download Now
Get Started

Get Started

Discover the DataBank Difference today:
Hybrid infrastructure solutions with boundless edge reach and a human touch.

Get A Quote

Request a Quote

Tell us about your infrastructure requirements and how to reach you, and one of the team members will be in touch.

Schedule a Tour

Tour Our Facilities

Let us know which data center you’d like to visit and how to reach you, and one of the team members will be in touch shortly.