Hacker Hiring

How Cybercriminals Recruit Top Talent

The hackers targeting your enterprise might have an HR department. And a marketing team. And even customer support.

Cybercrime is fueled by a network of talent—exploit developers, malware writers, botnet operators, money mules. To keep this ecosystem flourishing, cybercriminals are embracing sound business practices.

They’re deploying HR professionals to acquire talent, marketers to promote exploit kits, training experts to upgrade skill sets, and salespeople to hawk stolen data. Some offer 24-7 phone support and money-back guarantees on products such as hacking kits.

Many have been found to operate on a traditional 9 a.m. to 4 p.m. schedule, Monday through Friday. And just as for you, Monday mornings are often their busiest time of the week, presumably because they are catching up from the weekend.

Because the business is expanding, cybercriminals are facing acute talent shortages.

Many cybercrime organizations are adopting conventional recruitment strategies—leveraging networks, contacting references, and deploying background checks and probationary periods.

Organizations searching for hacker talent advertise on password-protected cybercrime forums. Hacker job boards populate both the surface web and the Dark Web—a sector of the web that requires special tools to access.

These tools allow users to surf the web anonymously—by bouncing web requests through a string of randomly assigned routers and servers, for example.

Want ads might ask for specific skills like SQL injection or fluency in denial of service attacks. Hacker organizations might also hire with targets in mind, searching for candidates with knowledge of specific networks and systems.

Hacker forums frequently discuss “script kids” or “skids,” individuals who lack the skill to develop scripts or programs on their own. These candidates have to be tested to make sure organizations don’t waste their time on a dud.

If a candidate seems to possess the right skills, interviews are often set up online with voices disguised.

Just like traditional companies, cybercriminals must employ rigorous application and vetting procedures. The reason is slightly different though: the candidate could be an FBI agent.

Recruiters tend to use online forums they trust; more reliable ones are exclusive to well-vetted users and may require a fee to join. Guarantors offer vetting services—evaluating a user’s background, contributions, and trustworthiness.

When your enterprise is up against this level of sophistication, it’s essential to be prepared. Make cybersecurity part of your continuous transformation, stay up to date on the latest threats, and have a reaction plan in place in case of a breach.

For more on combatting cybercrime and assessing the risks in your enterprise, read Get Prepared.
