Behind every cyberattack is a motive, and understanding why attackers do what they do is essential for predicting and preventing their behavior. This episode explores some of the most common motivations that drive malicious activity: data exfiltration, cyber espionage, denial of service, and blackmail. Data exfiltration involves stealing sensitive or proprietary data for financial, competitive, or intelligence purposes—often targeting health records, intellectual property, or government documents. Espionage, particularly in nation-state contexts, focuses on long-term infiltration, undetected surveillance, and the slow extraction of value from targets like defense contractors, research institutions, or political organizations. We also examine how attackers use threats of service disruption or public embarrassment as leverage in blackmail scenarios, demanding payment or concessions in exchange for silence or restoration. Understanding these core motivations allows defenders to align their controls with attacker goals, better anticipate target selection, and adapt strategies in high-stakes environments.