Broke Cyber Pros Flock to Cybercrime Side Hustles

Burned-out cybersecurity professionals dealing with layoffs and stressful working conditions are increasingly finding a better way to earn a buck: cybercrime.

Cybersecurity professionals are finding it more attractive to take their talents to the Dark Web and earn money working on the offensive side of cybercrime. This puts enterprises in a tough spot: cut into profit growth to keep cybersecurity skills from flowing to the highest bidder, or figure out how to defend their networks against those who know their weaknesses most intimately.
Layoffs and consolidation across the cyber sector is ratcheting up the pressure on the remaining workers, while at the same time
salary growth is stalling
— making a cybercrime side hustle an increasingly attractive way for cyber pros to make ends meet, according to a new study out of the Chartered Institute of Information Security (CIISec), which analyzed
Dark Web advertisements for cybercriminal services
provided by professionals with cybersecurity day jobs.
The CIISec report found a raft of offers on Dark Web sites, including a pro Python developer who would make chatbots for $30 an hour to earn extra Christmas present money for their kids. Another seasoned developer will make phishing pages, crypto drainers, and more, while yet another will use AI to help with coding, starting at $300 per hour, CIISec reported.
This alarming trend marks an entirely new era in cybersecurity, according to Devin Ertel, CISO at Menlo Security.
Im shocked and troubled to witness skilled professionals turning to cybercrime amidst mass layoffs, Ertel says. This marks a significant shift, reflecting the urgent need for both employment and ongoing training within the field.
Ertel points to a surplus of cyber talent and economic uncertainty as potential drivers of the unfortunate trend.
Gartner predicts that by 2025, 25% of
cybersecurity leaders will leave their roles
due to stress. And despite
layoffs in the cybersecurity sector
, which have largely focused on non-technical roles in marketing, sales, and administration, there are still
hundreds of thousands of open jobs
in the US cybersecurity sector alone.
That puts even more pressure on teams that remain, driving down morale across the industry, which cybersecurity expert and consultant Hal Pomeranz worries might also lead to a spike in insider threats.
Rather than worrying about external threats, I would be on the lookout for insider attacks, Pomeranz says. Mass layoffs in the tech industry destroy employee morale and breed cynicism and contempt for management. I wonder how many of the remaining employees would feel comfortable selling out their employers if the price was right?
The solution for many enterprises requires a better understanding of the roles theyre trying to fill and matching them with the right employees, Gareth Lindahl-Wise, CISO with Ontinue, says.
There is, without doubt, a shortage of both skilled and experienced cyber professionals, Lindahl-Wise explains. However, I would be as blunt as saying there is some misguided expectation on the part of the buyer. Do you really need someone with X years experience on a security domain tangential to the job you want them to do?
Once hired, cybersecurity talent should be presented with a additional professional development opportunities as well as a career path, Patrick Tiquet, vice president of security and architecture with Keeper Security, advises.
Business leaders are challenged with sourcing the necessary cybersecurity talent to keep their organizations secure as they balance distributed remote workforces and a growing number of endpoints with a threat landscape that continues to expand, Tiquet explains. Beyond competitive compensation, organizations must provide clear career paths for those looking to advance, professional development opportunities, and flexible work arrangements that allow for remote work when possible.
Beyond recruiting and hiring, and closing the
cybersecurity skills gap
, ColorTokens VP Sunil Muralidhar urges managers to
focus on mental health
and stress management among their cybersecurity teams.
Working with security professionals across different roles — from practitioners to executives, to partners — reveals a common thread of high stress levels among them, Muralidhar says. This is largely due to the disproportionate burden that security bear in safeguarding the organization with significantly limited resources.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Broke Cyber Pros Flock to Cybercrime Side Hustles