Rarely is the plight of cybercriminals and hacking types considered – for some strange reason – but when it comes to recruitment, the computing underworld uses many of the same techniques and faces the same issues as security companies and IT departments do, a new report notes.
Yes, hacking organisations have to advertise for personnel to undertake ‘jobs’ just like any business, using underground forums and job boards. It would also seem that there’s a shortage of capable talent on the black market, as well as in IT security.
The report from Digital Shadows, spotted by CSO, highlighted the fact that it’s difficult for these underworld groups to vet applicants and ensure they are employing people they can trust.
Roles advertised include the likes of malware authors, botnet operators, hackers of all different strains (from those targeting PC users to Fortune 500 companies) and those specialising in fields such as electronic surveillance.
Obviously enough, there is a considerable degree of paranoia about new applicants for such roles, and hacking groups will often use detailed application forms to sift the wheat from the chaff. They will then move on to an interview, usually conducted via Skype but with a great many precautions (masked voices, no video used, and traffic routed through Tor or similar).
So essentially, it’s the same application-then-interview process we are all familiar with, and after that, as with the corporate IT world, the new recruit will often have to undergo a probationary period. If they can’t demonstrate their skills and trustworthiness in this time, the recruit will be given the heave-ho.
Digital Shadows notes that cybercriminals have to strike a balance between security and recruitment themselves – if they are too stringent in vetting candidates, potential profits will be affected because their ranks won’t swell quickly enough.
And when these groups cut corners in recruitment, they leave potential clues which white hat experts can use to strengthen security software.
In its blog post on the matter, Digital Shadows further notes: “In some circumstances, defenders might find specific details about attacks targeting their organisation, while in others they might find general attack trends that could bolster their defences.
“At the end of the day, tracking the adversary that is recruiting and the skills they most desire can improve the overall maturity of an organisation’s security program and make that new recruit’s job that much harder.”
Just studying the enemy, then, and their recruitment processes, can be a valuable exercise for businesses who want to protect themselves against would-be intruders.