Avoid Hiring a Cybercriminal: understand motivations & thoroughly vet employees

Uploaded on 2015-07-27 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

tumblr_inline_nrknepOgcp1ttxud9_1280.png

After a FireEye intern was found selling his own custom RAT on a dark web forum, industry experts re-emphasize the importance of understanding cybercrime and how to hire the right people

The “Darkode” online crime forum bust spanned 20 countries and led to the charges, arrests and searches of 70 suspected forum members.

While all the indicted individuals allegedly participated in illegal activities, one man received particular attention. Morgan Culbertson, a 20-year-old and current FireEye intern with two stints at the company on his resume, was arrested in association with the forum. During his time at the cybersecurity firm, Culbertson spent his days not only working on a dedicated “intern project,” for which FireEye hires the students, but also allegedly running a successful, darker side business.
Culbertson is said to be the creator behind and seller of the notorious “Dendroid” Android remote access tool (RAT), which he advertised on Darkode for $300. Its source code fetched far more, with a price of $65,000, Forbes indicated. 

FireEye immediately revoked all access to its building and systems when it found out about the arrest, the company said in a statement to SCMagazine.com.

But even still, experts note that Culbertson's work at FireEye likely assisted in the creation of his successful RAT by giving him a peek into the defense's side.  However, they also say the two are not directly correlated. Making the move over to “the dark side” requires more than a nagging interest; it's a mix of desire for compensation, recognition and the pursuit of intellectual happiness, Katie Moussouris, chief policy officer at HackerOne told SCMagazine.com.
“The Culbertson news doesn't surprise me at all,” Moussouris said. “Everybody's got a mix of motivations and different ways their moral compass may point. It might point in the same way that yours does or it might point in a different direction.”
And given Culbertson's age, his compass will likely change. Long-term consequences aren't exactly top of mind for a 20-year-old, Joe Nedelec, an assistant professor in criminology at the University of Cincinnati, said during an interview with SCMagazine.com. “[The more I study cybercrime] the more I've seen that there's this real witches brew of young people with immense talent and a great temptation to go over to areas of the dark web and try it out,” Nedelec said. Add in a perceived notion of anonymity, and really, the desire to explore, create and sell doesn't seem too harmful to a cybercriminal's future, he said.
“He's creating security software at FireEye to fight people like himself, and that can only make his malware better,” Nedelec said. “But really, I think that there's a personality thing going on here. These guys have so much confidence in their skills to remain anonymous online that they can sort of drift into that area of criminality, such as on the dark web.”
SC Magazine: http://bit.ly/1HUx3el

 

 

« Automobile Industry Gears Up For Cyber-Threat
Internet of Things: A Mass Surveillance Infrastructure »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

GreatHorn

GreatHorn

GreatHorn offers the only cloud-native security platform that stops targeted social engineering and phishing attacks on communication tools like O365, G Suite, and Slack.

Riskified

Riskified

Riskified is a leading eCommerce fraud-prevention company, trusted by hundreds of global brands – from luxury fashion houses and retail chains, to gift card and ticket marketplaces.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

MISP Project

MISP Project

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

MCPc

MCPc

MCPc improves the security and well-being of our clients. We protect data, manage the complexity and sustainability of technology, empower employee performance, and ultimately reduce business risk.

Samurai Digital Consulting

Samurai Digital Consulting

Samurai Digital Security are a cyber and Information security services provider, specialising in penetration testing, incident response, user awareness and information governance solutions.

LogicMonitor

LogicMonitor

LogicMonitor provides SaaS-based IT infrastructure monitoring services for on-premises and multi-cloud environments.

OutKept

OutKept

OutKept offers the highest quality phishing simulation campaigns, supported by a community of ethical phishers, to build awareness, and maintain alertness.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.

Qryptonic

Qryptonic

Qryptonic pioneers next-generation cybersecurity by leveraging the unparalleled capabilities of quantum computing to defend against evolving threats.

BlackSignal Technologies

BlackSignal Technologies

BlackSignal Technologies provides cybersecurity, digital signal processing and electronic warfare products to help DOD and IC agency customers counter near-peer threats and security challenges.

Sherweb

Sherweb

Sherweb are a marketplace of leading cloud solutions and value-added services delivered by a team of passionate experts invested in MSP growth.