View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 8, 2018updated 09 Aug 2018 10:01am

Cybersecurity Professionals Enticed by the Dark Side According to Report

Grey hats are on the rise

By CBR Staff Writer

One in every 13 cybersecurity professionals are considered to be ‘grey hats’ by their colleagues while 20 percent have considered becoming black hats.

The findings were released in a report published today by IT security company Malwarebytes.

The report also found that an organisation in the United Kingdom with 2,500 employees should expect to pay more than £821,000 per year in cybersecurity-related costs.

In cybersecurity terminology, a black hat is a hacker with malicious intent and are responsible for ransomware and cyber breaches. Whereas a white hat are cyber professionals who use their hacking skills to help companies identify vulnerabilities within their security systems.

A grey hat is considered to be a blend of the two. They will probe cybersecurity system for vulnerabilities without permission. Upon discovering a weak link, they will report it to the company often expecting a fee in return; this is opposed to a black hat who would exploit it in a malicious manner.

Seduced by the Dark Side

In their report, Malwarebytes found that: “Fifty-four percent of those we surveyed in the UK believe that a motivating factor for becoming a black hat is the opportunity to earn more money than as a security professional.”

In a report by virtualization based security specialists Bromium, they found that: “High-earning cybercriminals can make $166,000+ per month.”

Content from our partners
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline

Speaking to Computer Business Review, Jerome Segura, Senior Malware Analyst at Malwarebytes told us: “Companies need to look for signs of individuals becoming unhappy or unfulfilled in their position and address them early on.”

“Having regular dialogues between HR, managers and employees can help avoid more complicated situations down the line.”

“Money is also a huge factor. Companies need to assign more resources to their security budget, and that includes salaries for security researchers and other technicians.”

“If an employee begins grumbling about pay, and if human resources are unresponsive to his or her requests, then organisations may be setting themselves up for a much larger financial loss down the line,” he added.

Smörgåsbord of Threats

In their survey, Malwarebytes found that 97 percent of UK organisations queried reported that they had been either probed or fell victim to a cyberattack in the last year.

The most common form of attack reported was phishing which accounts for 57 percent of reported attacks.

Adware/spyware and spearphishing, a more direct form of phishing that often includes personal details to give the malicious content an authentic look, come in at second and third most reported.

Ransomware is the fourth most common according to the report and it is considered to be the most serious risk to an IT infrastructure.

30 percent of businesses consider it to be a very serious form of cyberattack and one that has to be mediated with haste.

See Also: Chinese shipping giant COSCO falls victim to a ransomware attack that cripples their north american operation

When asked about the possibility of black hats situating themselves inside companies to gain access to its systems, Jerome Segura of Malwarebytes added: “The insider threat can take different shapes and forms. Usually, disgruntled employees are the most common type, but we cannot exclude more insidious actors infiltrating a company with nefarious goals in mind”

“Proper access control ensures that individuals turning rogue have only limited access to the company’s most important resources,” he noted.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.