Dubious Way To Make Money for Laid Off Programmers Is a Dangerous One As Well
January 29, 2009 |
There is no doubt that the recession we are living in now will change a lot of things for a lot of people. And with thousands upon thousands of people around the world losing their jobs there is a new issue – an issue of the overall growth of crime in the world. We have already begun to see it here in Russia with significantly increased residential burglaries and robberies on the streets but it is quite obvious that such acts of crime are most frequently committed by less educated people who worked mostly in construction and are left out of their jobs now that no one buys new apartments.
But when people talk about layoffs in IT I often wonder what the numerous people who are left out of their techy jobs without any clear prospects about future employments are supposed to do. And it looks like geeks out of their jobs can be dangerous as well as we have already heard predictions and fears that many of such developers will now find their new income sources in developing malware and otherwise participating in online crime – whatever form it might take.
This can be a very tricky road and hopefully the more we hear about the obstacles on this road, the less developers will turn to malware for their next careers. I have just read about two Russian hackers who thought that arranging DDoS attacks was a good way to earn their living but have been arrested today.
Their workflow was pretty simple: the guys infected thousands of computers in Russia and abroad with viruses (a total of 20 thousand computers were infected as a result) and used them as a botnet for DDoS attacks. After that they chose a target – some local company that relied on their corporate website for some crucial part of business process – and launched the attack. The system administrator of the company received a message from them explaining the situation and offering to stop the attack and keep the site safe in exchange for a monthly allowance paid to the hackers.
If the company agreed, the attack could be stopped and the hackers began looking for their next victim in a similar manner. Over 30 websites belonging to more than 10 Russian companies were eventually attacked which resulted in multi-million losses for these companies. Among other services the guys offered to customers (and advertised widely online) was to arrange a DDoS attack against a website belonging to a competitor – which sounds like a pretty popular service here.
But now that these guys are arrested I hope this will serve as an additional lesson to many of the now unemployed developers who will probably think that even during a recession corporations will be ready to pay for their information security even if they are not ready to employ developers and even have to cut their development spending. The problem is while some companies will actually be ready to pay, they will also know how to call the police and invite them to investigate the incident. So spreading malware will hardly be the most secure way to earn some income during these hard times – even when it looks like there are virtually no alternatives at all.
Via (in Russian), image credit
