High-earning cyber-criminals make as much as $2m per year, almost as much as the average FTSE CEO, a new study from Bromium has claimed.
The security vendor commissioned Mike McGuire, senior lecturer in criminology at Surrey University, to produce the report, which is based on first-hand interviews with convicted cyber-criminals, and data from international law enforcers, financial institutions and the Dark Web.
The study, Into the Web of Profit, claimed that even “mid-level” hackers could earn as much as $900,000 annually – more than double the US presidential salary.
Those at the “entry-level” of their black hat trade can expect to make over $40,000, more than a UK university graduate.
The research highlights one of the problems facing the IT industry in recruiting those with the right skills – that there will be a significant minority potentially prepared to seek employment on the other side of the law.
The issue is especially acute in the public sector and across UK law enforcement, where austerity cuts mean forces can’t offer competitive salaries.
The staring salary for a National Crime Agency (NCA) trainee officer is just £23-£25,000, according to estimates.
There have even been plans mooted in the UK to draft in volunteers to help with policing cybercrime.
“Cybercrime is a lucrative business, with relatively low risks compared to other forms of crime. Cyber-criminals are rarely caught and convicted because they are virtually invisible. As criminals further monetize their business allowing anyone to buy pre-packaged malware or hire hackers on demand, the ability to catch the king-pins becomes even more challenging,” said Bromium CEO Gregory Webb.
“The cybersecurity industry, business and law enforcement agencies need to come together to disrupt hackers and cut off their revenue streams. By focusing on new methods of cybersecurity that protect rather than detect, we believe we can make cybercrime a lot harder.”
The report also detailed what cyber-criminals like to spend their ill-gotten gains on. Many (30%) look to invest in property, art or legitimate financial instruments, while others (20%) plough that money back into IT equipment.
However, a sizeable number (20%) also spend their money on drugs, prostitutes and the like, according to the report.