SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Dark web
#
CIISec
Rising trend of cybersecurity experts turning to cybercrime
Tue, 12th Mar 2024
Author image
By Shannon Williams, Journalist
Follow us

The Chartered Institute of Information Security (CIISec) has unveiled a concerning trend in the world of cybersecurity, with an increasing number of professionals in the field getting drawn into the digital underworld. Qualitative dark web analysis, executed in partnership with former police officers specialising in dark web activities, has revealed that more and more cybersecurity professionals are venturing into crimes committed online.

CIISec's latest study indicates that remuneration and working hours are among the paramount concerns in the industry. The study provides evidence that many cybersecurity professionals, spurred by these concerns, are turning to cybercrime to supplement their income. The alarming annual global tally of over a $1bn paid by victims to cybercriminals in ransomware attacks alone in 2023, compared to the modest remuneration in the industry, seems to be incentivising these dangerous drifts from mainstream employment.

The institute anticipates that these worrying trends might prompt up to 10% of cybersecurity professionals to leave their regular jobs in the near future. Indeed, a worrying number of professionals working in mainstream roles are already offering their services to cybercriminals with conventional motives: monetary gain, substituting for irregular or insufficient workloads, and even for expenses like Christmas presents.

Amanda Finch, CEO of CIISec, expressed her concern on the issue. "Our analysis shows that highly skilled individuals are turning to cybercrime. And given the number of people projected to leave the industry, many of those will be desperate enough to seek work in an area that promises large rewards for their already-existing skills and knowledge. Preventing this means ensuring we are doing all we can as an industry to attract and retain talent," she warned.

The research found that the job seekers on the dark web were not limited to cyber professionals; they included out-of-work voice actors, PRs and content creators hunting for their next gig. The research, led by an ex-police officer and covert operative who identified himself as Mark, found professionals advertising for roles that fell into distinct groups. These included experienced IT workers and security specialists, new entrants in the security workforce, and other industry professionals keen on expanding into cybercrime.

Considering that our digital spaces are becoming more vulnerable to cyberattacks, this trend has worrying implications for the cybersecurity industry. CIISec now urges a new concerted effort to counter this trend, advocating for better remuneration and working conditions in the sector to retain valuable talent and prevent further exodus to the 'dark side'.

"There is a huge breadth of skills being advertised on the dark web, many of which are transferable," exclaimed Levine. "A job in cybersecurity has so much to offer for people of all industries, whether you're a creative, a developer, or even a voice actor. We must do more to showcase that there's room for all in security, or we'll lose more and more talent to cybercrime."

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
ExtraHop report shows Singapore firms vulnerable to ransomware attacks
Jason Haddix joins Flare as Field Chief Information Security Officer
Ransomware threats escalating in Southeast Asia – report
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds