Any server connected to the internet for more than a few hours will come to the attention of online criminals. Usually, that attention is entirely automated: crawlers and bots trawl the internet looking for servers, probing them for vulnerabilities in the hope of finding a chink through which they can infiltrate ma and exfiltrate data.

To protect servers from online criminals, it’s useful to know exactly what their motives are: why hackers hack and how do they benefit from taking control of a server. These criminals are pragmatic in the extreme, and before we look at some of the technical reasons they want servers, it’s important to understand the underlying motivation: money. The ultimate goal is always to generate revenue for the criminal, whether directly or indirectly.

There are different ways online criminals can make money, and most of them depend on having access to a reliable source of bandwidth and computational power. No one wants criminals to have access to their servers, and, when they find out they’ve been hacked, server admins immediately close whichever hole the attacker slithered through. Criminals have to constantly replenish their stock of compromised machines, which is why they’re always on the look out for vulnerable servers.

Botnets

A botnet is essentially a network of compromised computers under the control of a hacker. They’re used for a wide variety of purposes. One of the most common is as a platform to host the scanners and crawlers we mentioned earlier. Large botnets constantly prowl the web in search of vulnerable servers, content management systems, and eCommerce stores.

But they’re also used to launch distributed denial of service attacks. DDoS attacks use many different machines to bombard victims with huge amounts of bandwidth, knocking them off the internet. That much bandwidth is hard to come by, and the criminals certainly don’t want to pay for it, so they compromise servers and install software that can be used to direct the server to spray data at targets of their choice.

Spamming

You may not see much spam because modern spam filtering technology is very good. However, millions of spam emails are sent every day, most of it from compromised servers.

When inbox providers and blacklist maintainers realize spam is being sent from a server, they will block its IP address, which, in addition to having your server’s resources wasted, will mean you can no longer send legitimate email from it.

Bitcoin Mining

Imagine that one day you receive the bill for your cloud infrastructure hosting, and it’s ten or even a hundred times larger than usual. This is not an uncommon scenario. Bitcoin miners target insecure servers and install mining software that uses the computer’s processing power to mine new Bitcoins.

The worst attacks of this sort happen when cloud management credentials fall into the hands of hackers, allowing them to spin up many high-compute servers, which can lead to a very surprising bill.

Intellectual Property And Sensitive Data

For companies that store sensitive data, a compromised server can be a disaster. The majority of hacked servers aren’t the result of targeted attacks against a company, but a company can have its reputation and competitive advantage if user or company data is leaked.

Hosting Malware Sites And SEO Spam

Finally, hackers use compromised servers to host websites that serve malware to unsuspecting visitors. Visitors are drawn to these sites by malicious advertising or phishing attacks, and when they arrive, their computers will be probed for weaknesses and compromised.

For the most part, your server won’t be targeted by a highly motivated and sophisticated attacker. Most attacks are part of the everyday automated numbers game played by online criminals. If you keep your servers’ software up-to-date and use unique and sufficiently complex authentication credentials, the chances of a successful attack against your server are reduced.

But, if your servers are targeted and compromised, it pays to use malware scanning and intrusion detection systems to find out sooner rather than later.

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Articles

In the Datacenter

Everything You Need to Know About A Carrier Neutral Data Center

Determining where to establish your company’s infrastructure is a critical decision for any business owner. Carrier neutrality is an essential factor in choosing the right colocation provider for your business. A carrier-neutral data center provides significant benefits, including increased reliability and redundancy, flexibility, and a lower cost of ownership. What …

Continue read
Disaster Recovery

The Importance of Redundancy for Your Business

With the growth of technology, the way businesses work is changing rapidly. Now more than ever, businesses require reliable network connectivity and access to resources because, in a 24/7 culture, the availability and reliability of online services are the keys to success. The term ”redundancy” is often confused with backup. …

Continue read
Colocation

Digital Transformation: Has “Going Digital” Become a Necessity?

Now, more than ever, digital transformation has become a major focus for businesses. The Coronavirus pandemic has triggered a shift for businesses on a worldwide scale. Digital technologies have a key role to play during this time, but why? To Ensure Business Continuity There are various factors that businesses must consider …

Continue read