Security Experts:

Why Suffer the Stress of Being a Black-Hat Hacker?

As high school graduation ceremonies approach, we turn our attention toward what all those graduates are going to do next. Brought up in the digital age, these young people may be eagerly looking for opportunities to apply their technical skill sets, but there’s one career path that is not going to make parents proud – cybercrime. 

A recent National Crime Agency report analyzed by the BBC, states that the, “average age of those… arrested (for cybercrime) is 17.” Free and easy-to-use hacking tools, a sense that the crimes are victimless, and a community that lauds technical skills that aren’t appreciated by their peers are leading young people to commit virtual crime when they wouldn’t otherwise in the real world. There is one point of good news – the young “don’t seem to be motivated primarily by money, which means early intervention can be very successful.” 

If we’re being honest, though, crime pays, at least in the digital realm. The investigation and prosecution effort for the use of a stolen credit card, for example, is usually more costly than the value of the goods illegally purchased. So the hacker most often gets away without a criminal charge.

Hacker ArrestedBut choosing to become a black hat hacker is not without risk. If you’re a budding hacker, consider these downsides.

Spending time in prison

 As your skills grow, so will the temptation toward bigger attacks. The risk of being caught and prosecuted grows with the scale of the hacking and fraud perpetrated. Authorities concentrate their resources on the biggest threats, and they are successfully sending young people to prison.

A 20-year-old man from the United Kingdom was sentenced to two years in prison on April 17, 2017 for creating and operating a DDoS service. Eight members of a cybercrime ring ranging from 22-35 years old face decades in prison for stealing millions from ATMs. A 32-year-old Russian carder kingpin was sentenced to 27 years in a US federal prison after being captured while on vacation in the Maldives.

Just because authorities don’t catch every criminal doesn’t mean every criminal is immune to prosecution. Do you want to live your life looking over your shoulder and worrying what your prison nickname is going to be?

No honor among thieves

The allure of the dark web can quickly turn into a nightmare. The anonymity of the Tor network doesn’t protect against malicious code in a drive-by download or malware in that downloaded list. There is no loyalty on the dark web - getting you to pay ransom for your system, or acquiring your financial information is just as good as hacking someone else. An example is a search engine called Indexus, which provides user account information, including those from “hacker forums that have been hacked.”

How hard is it to come back from crossing the line?

What if you want to give up crime, and the potential risks inherent in black-hat hacking, to make legitimate money as a white hat? Penetration testers come at a premium today, and bug bounty programs are on the rise. One report shows that the most skilled hackers are making $350,000 a year as independent bug-busters. Facebook has paid out more than $5 million in bug bounty programs since 2011.

Getting paid legitimate money to hack isn’t the only consideration. White hat services enable hackers to channel their skillsets and curiosity towards society-building purposes, and also offer a degree of consistent paychecks and safety from prosecution for peace of mind.

Keep in mind that crossing the line to criminal activity might disqualify you from some jobs. More conservative industries, such as financial institutions, are unlikely to accept applicants with criminal backgrounds. Although, the NSA is so hungry for talent, they are showing up at hacker events to assure “potential candidates they shouldn’t automatically assume they’re disqualified from a government job because of ‘indiscretions in the past.” But, better to apply with a clean record.

Answering the question, “what are your plans after graduation?” over and over again can be annoying. Even more annoying would be having to wear orange every day for the next decade while sharing a cell with “Bubba.” These days, there are plenty of legitimate ways to make money and establish a solid career path using hacking skills – consider that before engaging in criminal activity.

view counter
Travis Greene, Identity Solutions Strategist at Micro Focus, possesses a blend of IT operations and security experience, process design, organizational leadership and technical skills. After a 10-year career as a US Naval Officer, he started in IT as a Data Center Manager for a hosting company. In early 2002, Travis joined a Managed Service Provider as the leader of the service level and continuous improvement team. Today, Travis conducts research with NetIQ customers, industry analysts, and partners to understand current Identity and Access Management challenges, with a focus on provisioning, governance and user activity monitoring solutions. Travis is Expert Certified in ITIL and holds a BS in Computer Science from the US Naval Academy.