So with firms already paying their interns decent compensation — the Department of Homeland Security, for example, pays approximately $5,800 for a 10-week internship — companies are left with a problem: how to deter interns and employees from moving over to the other side.
Bug bounty programs are often heralded as one way to encourage positive research, but that might not suffice.
Ultimately, the defense side of cybersecurity will never be able to compete monetarily with the offense, Moussouris said, so if that's a sole motivator for a cybercriminal, nothing can really deter them.
Plus, a shortage of qualified cybersecurity professionals makes the task even more difficult for cybersecurity firms. Finding and hiring a trustworthy, upstanding candidate can become a rushed process, and companies may simply settle.
That said, these firms can still keep questionable people out of their physical and digital work environments with a thorough vetting process.
Anu Kumar, VP of recruitment at SilverBull Software, recommends background checks, credit checks and plenty of references, even beyond those listed on a candidate's resume, as some ways to do so.
“You have to do your due diligence whether it's an intern or a full-time hire, especially when you're a company who deals with sensitive information,” she said in an interview with SCMagazine.com. “These are people who have the skillset to be ethical hackers or hackers, so the need there is definite.”
Background checks can bring up a person's past DUIs or fake ID use, for example, and credit checks can demonstrate how the person handles money, she said.
Taken together, these checks indicate how responsible a person is, she said, and when combined with references, they can raise red flags long before system access is granted.
“Nothing can substitute for the time you spend and the care you give to your hiring process,” Kumar said. “It's important for more than one person within an organization to speak and get to know a candidate before bringing a person on board.”
But, she noted, people do fall through the cracks.
“It happens,” she said.
FireEye might have just been the unlikely one this time, as it does perform background checks and calls references.
More companies are likely to fall victim to the insider threat because, as Nebelec warns, Darkode is only one of many.
“The problem is it's Whack-a-mole,” he said.
The 70 people arrested in association with Darkode represent only some of the many hackers and participants in dark web cybercrime.