Slashdot Mirror
Criminals Target Tech Students With Job Offers
An anonymous reader writes "BBC News is running a story on criminal gangs targeting tech students. Some of these outfits offer to pay for an education in exchange for the student's employment on graduation in criminal hacking activities." From the article: " As the number of criminal gangs looking to move into cyber crime expanded, it got harder to recruit skilled hackers, said Mr Day. This has led criminals to target university students all around the world. 'Some students are being sponsored through their IT degree,' said Mr Day. Once qualified, the graduates go to work for the criminal gangs. As well as the direct route of targeting students, some organised crime gangs were trading on the glamour surrounding the 'hacker' label to help them recruit impressionable youngsters..."
Does this mean that legitimate companies, to keep up, will have to do the same thing?
Maybe they could even get into bidding wars over potential students/employees! This could only be a good thing...right?
Everything I need to know about copyrights I learned from Slashdot.
Wal-Mart. Big huge massive retail company. How much do you think it would be worth to K-Mart, or Target, or various other retailers, for Wal-Mart to just be down for a few days? Easily into tens of millions, if not hundreds of millions of dollars.
Sad part is, the person at the top doesn't even have to know what's going on. They just say "Hey write a program that will do this, and propogate. We'll give you a cool 100Gs." Kid says hells yea, takes a few hours, whatever, writes it, and gives it to them, collects.
Two weeks later, Wal-Mart plant sticks the little nasty into the Wal-Mart mainframe, and it gets disseminated to every single store in the company. The plant is nice and safe (removed by organization, or perhaps just left to fend for themselves, whatever), many of the people involved will never be caught, and the person that wrote it may not even know they were responsible!
Perhaps I should take off my tin-foil hat, but still, it's a helluva "What-If".
Can anyone here honestly tell me that they can get me access to a given business's clients database in the next 48 hours ? Didn't think so. So what are the gangs getting out of this ? Are they getting on a hype bandwagon ?
Getting access to a company's database is so 1990's. These days, you need smart computer science types to design better malware to create botnets so that you can practice good old fashioned extortion against Costa Rican casino web sites. Simple as that.
Don't disappoint your bird dog. Go to the range.
>In order for this to work, you'd have to credibly threaten or capture a loved one.
The old recipe for recruiting a spy was MICE: Money, Ideology, Compromise, Ego. If organized crime really is troling computer students, they could use at least three of those, and maybe even ideology ("stick it to the greedy corporate exploiters and their fascist tools in government", or something like that).
The other problem is, what's a CS degree going to do for a blackhat?
Put them through drama school and psychology if you want to raise a crop of social engineers, use an apprenticeship system if you need vulnerability finders, but CS? There are only a few problems in the criminal world (robust scalable botnet control, untracable communications) that are computer science problems. And there can't be room for many people to work on those.
The article was way too light on any of the specifics that would have inclined me to trust it.