4 Comments
author

“Disgruntled cybersecurity workers, including code developers and AI experts, are offering their services on the dark web for extra cash. On top of that, other professions whose work may have been jeopardized by machine learning are also hiring themselves out to criminals.

What’s more, if the problem is not addressed by better salaries and working conditions, the cybersecurity industry could risk losing as many as one in ten workers to cybercrime.

The stark warning comes from the Chartered Institute of Information Security (CIISec), which trawled the dark web and found some alarming advertisements put up there by seasoned cybersecurity professionals.”

https://cybernews.com/news/cyber-workers-turning-to-crime/

Expand full comment
author
Nov 10, 2023·edited Nov 10, 2023Liked by Terence Kam

I just started HTB academy and I was immediately turned off by the idea of cybersecurity. Not because I didn't like it but because recruiters are mostly ruthless human beings. There is no end to the animosity the IT crowd displays towards entry level positions.

You go through so much stress. See I came out of school in EE, I then landed a role as a tech support, then got fired. Been out of work for almost 3 years, and then I said okay I will get the CCNA. I get it in a month, study hard, do labs, practice. Then for what? To get a job that pays $40k a year. I am by no means a beginner in this stuff, and definitely not new to cybersecurity either, I wrote port binding shellcodes and wrote blog posts and all this stuff.

Then I come to find out that not only are entry level roles hard to get for Cyber, I find out that they pay you like utter trash, you'd be lucky to even see the number $70k starting off. And the worst part about it is they expect you to be familiar with equipment that CCNP people work with, namely Firepower, Palo Altos, other nonsense. It really is stupid you would begin to ask yourself what is the point of even swapping from a CCNP role to cybersecurity, at that point you're just a dumbass at that point, you're literally going from $120k a year to $80k at best.

Whatever the companies end up happening to them, the companies most likely deserve if not 10 fold. Things like the CPTS, the OSCP, CISSP, are not easy to get, they take a lot of effort and for someone to underpay a person who works hard enough to get those certs to begin with is a very clear violation of human rights. If you're gonna learn how to hack and defend machines you may as well just do both for illegal purposes at this point.

Expand full comment
author
Nov 16, 2023·edited Nov 16, 2023Author

"If you're gonna learn how to hack and defend machines you may as well just do both for illegal purposes at this point."

That's precisely my point! And I fear it is going to result in more cybersecurity casualties.

Today, I just saw this news:

https://www.bleepingcomputer.com/news/security/meet-the-unique-new-hacking-group-alphalock/

We now live in a world where for only US$185, you can get 'training' from cyber-criminals to become a cyber-criminal hacker.

In their sales pitch, these cyber-criminal hackers even do the math to show that spending $185 on their 'training' course is 'better value' than spending years and lots of money doing a legitimate degree at university.

Expand full comment