Something of Doom: Fired from your IT/Security job? Come to the dark web! We have cookies.

Tuesday, January 31, 2023

Fired from your IT/Security job? Come to the dark web! We have cookies.

Your boss just asked you for a meeting. You walk into his office and realize HR is sitting there too; this is The Meeting. The company you have been working at needs to improve its quarter earnings, and you have just joined the thousands of unemployed IT and Security/Privacy professionals. I personally know people in that group. What to do? You have to find something else and quick: you have bills to pay and need to put food on your family's table. You will look anywhere for a job.

What about the dark web?

You would not be the first or the last. The truth is APT groups also need staff like any other business. The image of the lone hacker with no social skills and skin problems sitting on a dark room wearing a hoodie while being illumintated only by the glow of the laptop screen belongs to Hollyweird. ChatGPT notwithstanding, good malware does not write itself. Someone needs to be by the phone on the better phishing campaigns. Large scale attacks need monitoring, and attack servers do need to be patched. According to Kapersky, developers are in high demand in the dark web, and that has been the trend since COVID lockdowns:

Distribution of dark web job ads across specializations. source: http://kaspersky.com/

How safe are such jobs? Like everyone else, it depends. Some are scams, others are worse than that (think being kidnapped in the middle of the night either by your new employees or the FBI/NSA/Girl Scouts). After all, many of these jobs are sketchy at best; they legality depends on which nation is sponsoring the operation and which on the receiving end. But, there are organizations who treat this as a business, so they have a vested interested in having happy and productive employees who are eager to improve their software and services to levels they never thought possible. Some developers adn attack specialists are being offered $20K a month for their services; that is FAANG salary right there.

What about the company that fired you? Maybe after passing bonuses around for cuting costs, they bought the amazing cybersecurity software I mentioned in an earlier post to replace their staff. What could possibly go wrong?

About Me

Mauricio Tavares has worked in computer research, credit card and medical industry, leading to an interest in the behavioral aspect of data security and privacy. He has previously developed a security program for a $23M federally funded International research program and now helps companies reap the benefits of deploying a well planned data privacy strategy.

A TrustedCI Fellow, he has given talks and published in topics ranging from aerospace engineering to computer automation and data privacy at DEFCON, IEEE, ISSA, KVM Forum, OWASP, NSF Cybersecurity Summit, and AIAA.

About cookies used and data collected on this blog

I have put no ads or links that track you or collect your data on this blog. If you want me to know about you or what you think, do post a comment. What data Google is collecting from you is between you and Google.

Warning

Anything said here does NOT represent the opinions, policies, or tenets of any organization real or imaginary. This side up. Shake well before using. Clean up after use.