Avoid Hiring a Cybercriminal: understand motivations & thoroughly vet employees

tumblr_inline_nrknepOgcp1ttxud9_1280.png

After a FireEye intern was found selling his own custom RAT on a dark web forum, industry experts re-emphasize the importance of understanding cybercrime and how to hire the right people

The “Darkode” online crime forum bust spanned 20 countries and led to the charges, arrests and searches of 70 suspected forum members.

While all the indicted individuals allegedly participated in illegal activities, one man received particular attention. Morgan Culbertson, a 20-year-old and current FireEye intern with two stints at the company on his resume, was arrested in association with the forum. During his time at the cybersecurity firm, Culbertson spent his days not only working on a dedicated “intern project,” for which FireEye hires the students, but also allegedly running a successful, darker side business.
Culbertson is said to be the creator behind and seller of the notorious “Dendroid” Android remote access tool (RAT), which he advertised on Darkode for $300. Its source code fetched far more, with a price of $65,000, Forbes indicated. 

FireEye immediately revoked all access to its building and systems when it found out about the arrest, the company said in a statement to SCMagazine.com.

But even still, experts note that Culbertson's work at FireEye likely assisted in the creation of his successful RAT by giving him a peek into the defense's side.  However, they also say the two are not directly correlated. Making the move over to “the dark side” requires more than a nagging interest; it's a mix of desire for compensation, recognition and the pursuit of intellectual happiness, Katie Moussouris, chief policy officer at HackerOne told SCMagazine.com.
“The Culbertson news doesn't surprise me at all,” Moussouris said. “Everybody's got a mix of motivations and different ways their moral compass may point. It might point in the same way that yours does or it might point in a different direction.”
And given Culbertson's age, his compass will likely change. Long-term consequences aren't exactly top of mind for a 20-year-old, Joe Nedelec, an assistant professor in criminology at the University of Cincinnati, said during an interview with SCMagazine.com. “[The more I study cybercrime] the more I've seen that there's this real witches brew of young people with immense talent and a great temptation to go over to areas of the dark web and try it out,” Nedelec said. Add in a perceived notion of anonymity, and really, the desire to explore, create and sell doesn't seem too harmful to a cybercriminal's future, he said.
“He's creating security software at FireEye to fight people like himself, and that can only make his malware better,” Nedelec said. “But really, I think that there's a personality thing going on here. These guys have so much confidence in their skills to remain anonymous online that they can sort of drift into that area of criminality, such as on the dark web.”
SC Magazine: http://bit.ly/1HUx3el

 

 

« Automobile Industry Gears Up For Cyber-Threat
Internet of Things: A Mass Surveillance Infrastructure »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Herjavec Group

Herjavec Group

Herjavec Group's Managed Security Services practice defends your organization from increasingly sophisticated, targeted cybercrime threats.

Rubicon Workflow Solutions

Rubicon Workflow Solutions

Rubicon is a leading provider of managed IT support and strategic services, specialising in creative and mixed platform environments.

GSMA - IoT Security Guidelines

GSMA - IoT Security Guidelines

GSMA has created a set of security guidelines for the benefit of service providers who are looking to develop new IoT products and services.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

Private Internet Access

Private Internet Access

Private Internet Access is a Virtual Private Network services provider offering secure encrypted access to the internet.

Pentagon Group

Pentagon Group

Pentagon Group is a provider of security services in high-risk environments, remote areas and emerging markets in support of land-based, aviation, maritime and cyber operations.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

Spike Reply

Spike Reply

Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection.

Network Contagion Research Institute (NCRI)

Network Contagion Research Institute (NCRI)

NCRI provides pioneering technology, research, and analysis to identify and forecast cyber-social threats targeting individuals, organizations, and communities.

TachTech

TachTech

TachTech is passionate about trust, security and privacy in the digital world. We create tailored security and compliance solutions to improve your business.

Next DLP

Next DLP

Next DLP (formerly Jazz Networks) is a leading provider of insider risk and data protection solutions.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

HEAL Security

HEAL Security

HEAL Security is the global authority for cybersecurity data, research and insights across the healthcare sector.

Control D

Control D

Control D is a modern and customizable DNS service that blocks threats, unwanted content and ads - on all devices.

L&T Technology Services (LTTS)

L&T Technology Services (LTTS)

L&T Technology Services Limited (LTTS) is a global leader in Engineering and R&D (ER&D) services.

Barquin Solutions

Barquin Solutions

Barquin Solutions is a full-service information technology consulting firm focused on supporting U.S. federal government agencies and their partners.