Any finance or accounting leader can tell you how difficult it is to find and retain the right talent. Cybercrime groups face similar challenges, and some of them use all kinds of unsavory ways to find the skills they need.
But it’s important to remember that many of these groups are more organized and sophisticated than you might guess from looking at the hoodie-wearing faceless menaces that usually appear in visual depictions of cybercriminals (including the one at the top of this blog).
In fact, a Kaspersky report reveals that some of them are taking more traditional approaches to recruitment, using the dark web to target in-demand workers with attractive salaries, paid time off, and sizable bonuses.
It’s a concern because many workers are feeling the squeeze of inflation, and the tech sector has seen large amounts of redundancies across the world. Plus, advancements in areas like generative AI are compounding existing cyber threats, which were already on the rise. If cybercriminals’ talent pools are getting larger, then it makes an imbalanced fight even more imbalanced.
Find out how they’re approaching recruitment and how to protect your own organization.
Who is behind dark-web recruitment and what are they looking for?
In an analysis of more than 800 dark web ads, Kaspersky found that cybercrime groups are using a range of methods to recruit individuals with specialized skills, including posting job adverts on dark web forums and marketplaces.
Those groups are often Advanced Persistent Threat (APT) groups or hacking teams. While it’s no surprise that they’re hunting for technical skills to help develop and spread malware, they’re also looking for people with backgrounds in areas like finance, accounting, and law, as well as everyday IT infrastructure maintenance.
As cybercrime organizations continue to become more sophisticated outfits, they need many of the same functions and skill sets as legitimate organizations.
What kind of roles are cybercriminals offering?
Some of the most common types of roles that cybercrime groups look for include:
money mules, who are responsible for transferring funds and laundering money
account managers, who handle the finances and operations of the cybercrime organization
technical specialists, who are responsible for carrying out cyberattacks and developing malware
Of those technical specialists, Kaspersky found that developers are by far the most in-demand roles, making up 61% of dark web job adverts.
As for the recruitment processes themselves, many look pretty similar to the ones you’ll find in legitimate organizations. The vast majority (82%) of adverts required tests and assignments – including paid assignments, so maybe take note if your organization’s recruitment process asks candidates to do a lot of unpaid labor.
Attractive salaries and benefits - with major downsides
Dark web employers are offering attractive salaries and benefits to entice talent, including bonuses for successful operations, promotions, and incentive plans. Remote work is less a perk and more a necessity for anonymous criminal activities, but there’s also a large variety of employment terms:
And what candidate doesn’t want a pleasant work culture? Roughly 8% of ads tout the opportunity to be part of a “close-knit team.”
The report also highlights that cybercriminals are increasingly using professional language and tone in their recruitment adverts, in an attempt to appear legitimate and attract more qualified candidates.
While it’s important to be aware of how cybercrime groups are trying to entice candidates, it’s equally important to emphasize that any promised perks are vastly outweighed by the lack of protections and guarantees for workers.
Without a legitimate employment contract, workers are vulnerable to exploitation, have little to no recourse if they’re mistreated or unpaid, and might risk facing their own criminal charges. Moreover, a lot of us want to find meaning and purpose in our work – that might be hard if you’re part of an organization that does things like debilitating hospitals or using cancer patients’ sensitive medical information to extort their healthcare providers.
How can finance leaders protect their organizations?
With threat actors becoming more organized and sophisticated, risks of cybercrime and fraud are likely to keep rising. Because so much cybercrime is financially motivated, accounts payable (AP) and finance teams tend to be on the frontlines.
And while it’s unlikely that your organization is losing out on talent because of too much competition with cybercriminals, talent acquisition and retention are still challenging (and expensive) for many AP and finance teams.
Fortunately, there are a few ways to address security challenges and recruitment challenges at the same time. A robust cybercrime strategy can streamline risky processes, plug the security gaps created by IT and finance siloes, create new efficiencies that improve employee experiences, and reduce stressful, monotonous tasks.
Want to improve security and employee experiences simultaneously?
Check out the 2023 Cybersecurity Guide for CFOs to learn more about the types of threat actors targeting businesses and how you can protect your organization’s finances.
