How Do Hackers Make Money?

Are you unsure about what makes hacking so profitable? Understanding how the financial side of cybercrime works can provide critical context for your understanding of cybersecurity.

When it comes to cybercrime, you’ve probably seen lots of big numbers thrown about. For example, it’s estimated that, by the end of this year, cybercrime will have caused $6 trillion in damages.

That’s a huge number, and it’s virtually impossible to really grasp it. Furthermore, when you think about it, that number fails to impart the individual, day-to-day commerce of cybercrime. In other words, if hackers are causing that much damage, it must be financially viable for them, right?

In this new video, Parkway Tech founder Chris Michalec explains the particulars of how cybercriminals get paid:

How Do Hackers Make A Profit?

An often overlooked part of cybercrime culture is the way that cybercriminals make money doing what they do. Business owners, managers, and IT personnel are more concerned with security and protection, rather than think about the other side of the equation.

Here are three primary ways hackers make money:


In a ransomware attack, an unsuspecting user clicks on a seemingly safe link or an emailed attachment that appears to be a bill or other official document.

Instead, the attachment installs a malicious software program (malware) onto the computer system that encrypts the data and holds it at ransom. The user is then stuck without access to their data, and faced with paying the attacker a huge sum.

This is likely the most well-known way hackers generate a profit. Year after year, cybercriminals continue to increase the asking price, with the average ransom growing from $41,198 to $84,116  in 2019.

Selling Data

A simple way to make money in cybercrime is to simply sell valuable data. Financial info, SSNs, medical info, etc., almost anything identity-based and private has a value, and can often be sold for as little as $3 per record.

Selling Access

A common misconception about cybercrime is that it’s obvious when you’ve been hacked. Alarms go off, your bank account drops to $0, etc.

However, more often than not, cybercriminals will quietly gain access to a network or an account and then sell that access on the Dark Web. This is a simple way to monetize their efforts without having to demand a ransom or trick someone into executing a transfer of funds.

How Can You Make Cybercrime Less Lucrative?

In a nutshell? By protecting your business more effectively.

The more work it is for hackers to install ransomware or steal data, the less inclined they will be to bother. For the most part, cybercrime is a numbers game — hackers send out thousands of phishing emails and set up countless malware-infected websites in the hopes of tricking just a few people here and there.

Put simply, if these techniques become ineffective, hackers will stop trying them. That’s why the business community has to work together. The stronger our cybersecurity is, the less profitable the cybercrime industry becomes.

Written by Chris Michalec posted on February 22, 2021

If you are thinking of switching IT companies but aren’t sure where to start, contact us now.