Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

Cybercrime's Most Lucrative Careers

Crime pays. Really well. Here's a look at just how much a cybercriminal can earn in a month.

Joan Goodchild, Contributing Writer, Contributing Writer

December 31, 2019

3 Min Read
(Source: Jezper/Adobe Stock)

The Dark Web is a bustling market and economic engine. Just ask the cybercriminals who are making excellent money selling wares and finding work there.

"Into the Web of Profit," a study released earlier this year by Dr. Michael McGuire at the University of Surrey, also backs that up. The study examines what is being sold on the Dark Web. Categories of goods include credit card information, login credentials to financial accounts, stolen subscription credentials, and usernames and passwords of all kinds.

Also available: services and jobs, according to Alex Guirakhoo, strategy and research analyst at Digital Shadows.

"In February 2019, the threat group TheDarkOverlord was seen advertising monthly payments of over $60,000 to tempt recruits willing to join their extortion schemes," Guirakhoo says.

So how much does cybercrime pay? A separate study, also conducted by McGuire, dives into the details of how much cybercriminals earn. McGuire interviewed 50 convicted or active cybercriminals, and spoke with dozens of experts from law enforcement, financial institutions, and IT security companies. Total cybercrime revenues are around $1.5 trillion, he found. And the cybercriminals earning the most are making as much as much as $2 million a year.

Yes, you read that right. The highest earners take home more than $167,000 a month. Lower wages hover around 75,000 a month. And as Guirakhoo notes, certain skills net a better income.

"Technical skills are always in high demand," he says. "Job offers for developers of malware, like ransomware, remote access Trojans, or banking Trojans are common sights on criminal forums. Much like real-world jobs, wages can be even higher based on technical and language skills, and cybercriminal recruiters have also offered bonuses to those with a proven tenure."

The Most Profitable Markets And Services   
McGuire's "Web of Profit" report details not only how much money cybercrime can net, but which markets are the most lucrative. Here's how profits break down by criminal venture:

  • Illegal online markets: $860 billion

  • Trade secret, IP theft: $500 billion

  • Data trading: $160 billion

  • Crimeware/Cybercrime-as-a-Service (CaaS): $1.6 billion

  • Ransomware: $1 billion

While ransomware is at the bottom of the list, Digital Shadows' research shows it's one to keep a watch on, Guirakhoo says.

"Due to its popularity, ransomware is definitely one of the more lucrative cybercriminal gigs out there," he explains."These attacks have become much more targeted. Attackers are going after the organizations they know are most vulnerable and most likely to meet ransom demands."

Guirakhoo also points to ransomware-as-a-service, or RaaS, as a way experienced cybercriminals are monetizing their skills, "without doing a lot of the dirty work themselves," he says. "GandCrab is a great example of this. The developers of the wildly popular RaaS closed up shop this past May, citing profits of $2 billion, although the accuracy of their claims is debatable."

Falling Out of Favor
What's not so hot anymore? Exploit kits, which is a type of toolkit that can be used to engineer attacks on systems in order to distribute malware or perform other malicious activities.

"Black hat exploit kit development is something that we haven't seen too much of recently," Guirakhoo says. "This aligns with the downward trend of the use of exploit kits in general. People will flock to what is most popular and profitable."

Related Content:


About the Author(s)

Joan Goodchild, Contributing Writer

Contributing Writer, Dark Reading

Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights