Cybercriminals have recruitment challenges too

Cybercriminals have recruitment challenges too

Living life as a cybercriminal cannot be easy but finding new recruits is even harder. You might assume that unusual offbeat methods will be used to find new talent – but it turns out that their methods are quite conventional.

According to new research by threat intelligence firm Digital Shadows, candidates have to fill out application forms, interview over Skype, and even go through a probationary period. One job advertisement warned that if a website was not hacked within three months, the candidate will be “unfollowed and considered inactive”. 

Clearly, a lot of time and effort is spent in finding the cybercriminal with the right skills package. On the other side, organisations are also facing the challenge of recruiting cybersecurity professionals. Last year saw some major companies hacked and it is predicted there will be more high-profile cases this year.

There is little faith amongst staff members too in handling cybersecurity matters. In a survey it was revealed that “six in 10 respondents did not believe that their own staff could handle anything beyond a simple incident”.

So what can organisations learn (if anything) from the types of skills cybercriminals are looking for right now in potential recruits? According to Digital Shadows, some of them include things like “distributed denial of service (DDoS), social engineering, cross-site scripting (XSS) and SQL injection (SQLi).

“Attackers and defenders have more in common than some might think. Each group has a mission to accomplish and the success of that mission is predicated on the ability to hire and retain staff.  At the end of the day, tracking the adversary that is recruiting and the skills they most desire can improve the overall maturity of an organization’s security program and make that new recruit’s job that much harder,” the research says.

So whether you are a cybercriminal or a regular Joe, finding and recruiting the right person for the job is a pain – and at least that’s something both sides can say.


«International Women’s Day: Close, but not quite close enough


UK’s ‘snooper’s charter’ changes may lead more to encrypt»
Ayesha Salim

Ayesha Salim is Staff Writer at IDG Connect

  • twt
  • Mail

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?