Cybersecurity Specialists Caught Moonlighting as Dark Web Criminals

A recent study conducted by the Chartered Institute of Information Security has uncovered a concerning trend in the cybersecurity field.
The study reveals that many cybersecurity professionals, facing low pay and high stress, are resorting to engaging in cybercrime activities on the dark web.
This revelation adds to the challenges faced by security leaders who already feel ill-equipped to combat the increasing threat of AI-driven cybercrime.
The investigation, led by a former police officer turned cyber investigation specialist, involved six months of scouring dark web sites and job postings.
The findings exposed numerous individuals offering their programming skills at remarkably low rates.
One Python developer and Computer Science student advertised their services for as little as $48 per hour, offering to develop cybercrime tools such as VoIP chatbots, AI chatbots, and hacking frameworks.
In addition to programmers, the investigation uncovered various professionals willing to assist cybercriminals in their activities.
These included voiceover artists for vishing campaigns, graphic designers, public relations professionals, and content writers.
Despite the presence of these individuals, the investigator noted that it was relatively easy to distinguish between professionals and hardcore cybercriminals, with professionals often referencing their legitimate roles or using language similar to that found on platforms like LinkedIn.
The study's findings suggest that the allure of higher pay and the stress and burnout experienced in cybersecurity roles are driving professionals towards criminal activities.
Amanda Finch, CEO of CIISec, highlighted the impact of long hours and high salaries on this trend, noting that the industry must focus on attracting and retaining talent to prevent further defections to cybercrime.
For chief information security officers and executives responsible for safeguarding their companies against cyber threats, these revelations pose a significant challenge.
Not only are they contending with escalating cybercriminal activity, including ransomware attacks, but they must also grapple with the possibility of insider threats from their own employees.
According to the Office of the Australian Information Commissioner, 11% of malicious attacks reported in the latter half of 2023 involved rogue employees.
The escalating threat of AI-augmented cyberattacks further compounds the challenges faced by security professionals.
A global survey by Darktrace found that 89% of security professionals anticipate significant impacts from AI-augmented threats within the next two years.
Despite this, 60% admit to being unprepared to defend against such attacks.
To combat these evolving threats, defensive AI systems are gaining traction.
Initiatives such as the US FTC's push against AI impersonation, Google's AI Cyber Defence Initiative, and the European Union's AI Office demonstrate a concerted effort to develop robust cyber defense mechanisms.
The proliferation of AI cyber threat detection-related patents and the entry of new companies into the market underscore the urgency of bolstering defensive capabilities against cyber threats.


This Cyber News was published on www.cysecurity.news. Publication date: Sat, 16 Mar 2024 18:43:05 +0000


Cyber News related to Cybersecurity Specialists Caught Moonlighting as Dark Web Criminals

Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
6 months ago Feeds.fortinet.com
Tracking Everything on the Dark Web Is Mission Critical - COMMENTARYOne of the standard cybersecurity tools today is to relentlessly check the Dark Web - the preferred workplace for bad guys globally - for any hints that your enterprise's secrets and other intellectual property have been exfiltrated. It ...
8 months ago Darkreading.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
10 months ago Securityzap.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
4 months ago Techtarget.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
9 months ago Legal.thomsonreuters.com
Cybersecurity Specialists Caught Moonlighting as Dark Web Criminals - A recent study conducted by the Chartered Institute of Information Security has uncovered a concerning trend in the cybersecurity field. The study reveals that many cybersecurity professionals, facing low pay and high stress, are resorting to ...
8 months ago Cysecurity.news
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
10 months ago Securityzap.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
11 months ago Securityzap.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
11 months ago Feeds.dzone.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
10 months ago Securityzap.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
10 months ago Securityintelligence.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
10 months ago Securityzap.com
Gamification in Cybersecurity Education - Gamification has become increasingly prevalent in numerous domains, including cybersecurity education. Gamification presents a promising approach to meet this challenge, making cybersecurity education both effective and enjoyable. One way to ...
10 months ago Securityzap.com
Cybercrime Groups Offering Six-Figure Salaries for IT Talents - Increasingly, organized crime organizations are operating as businesses rather than criminal organizations, advertising jobs on the dark web with a number of advantages for members. A recent Kaspersky study found that 61% of job ads posted by hacking ...
1 year ago Cybersecuritynews.com
Cybersecurity Workforce Sustainability has a Problem. DEI Could be the Solution. - That's particularly true in cybersecurity, where it's increasingly difficult for organizations to fill critical roles during a worsening global talent shortage. There were more than four million unfilled cybersecurity jobs at the end of 2023. While ...
4 months ago Securityboulevard.com
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
10 months ago Darkreading.com
Key cybersecurity skills gap statistics you should be aware of - As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger. The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in ...
10 months ago Helpnetsecurity.com
Cybersecurity Workshops for Students - Cybersecurity workshops for students serve as an effective means to educate and empower the younger generation in protecting their digital assets. With proper planning and organization, cybersecurity workshops enable students to navigate the digital ...
11 months ago Securityzap.com
How to Avoid Falling Below the Cybersecurity Poverty Line - The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy ...
1 year ago Csoonline.com
Cybersecurity Curriculum Development Tips - In this article, we will explore essential tips for developing a comprehensive and up-to-date cybersecurity curriculum. By staying abreast of the latest industry trends, educational program developers can ensure that their curriculum remains relevant ...
10 months ago Securityzap.com
Beyond Mere Compliance - Too often we continue to see executives whose approach to cybersecurity - compliance rather than protection - is strikingly similar to that of the ill-advised business owner whose minimal fire protection is designed only to meet the building code. ...
10 months ago Cyberdefensemagazine.com
Developing Cybersecurity Awareness Programs for Schools - Schools are increasingly becoming targets for cyberattacks, necessitating the development of robust cybersecurity awareness programs. Ultimately, a comprehensive cybersecurity awareness program is essential for schools to mitigate risks, enhance ...
10 months ago Securityzap.com
Cybersecurity Training for Small Businesses - The importance of cybersecurity training for small businesses cannot be overstated in today's increasingly digital world. In conclusion, cybersecurity training is essential for small businesses to protect themselves against cyber threats. There are ...
9 months ago Securityzap.com
Best of 2023: Combo Lists & the Dark Web: Understanding Leaked Credentials - In today's interconnected, cloud-based world, user credentials are the keys that grant entry to the house that stores an organization's digital treasure. Just as burglars pick the lock on a physical house, cybercriminals use stolen credentials to ...
10 months ago Securityboulevard.com
Report: Developers are most in demand on dark web - Hacker gangs often operate like businesses - they have salaries, working hours, clients and employees. To compete in a growing market, they are constantly looking for new talent with better skill sets, and they often use the same methods as ...
1 year ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)