Introduction:
1. Guide to join Intelligence Bureau (IB), CBI and RAW
2. The business of hackers-for-hire threat actors
Guide to join Intelligence Bureau (IB), CBI and RAW
In India, people are passionate about doing something for the country. Most of us have at least tried or thought of joining the police or any other civil services to serve the nation and countrymen.
ISOEH (Indian School of Ethical Hacking) is a trusted and renowned cyber security institute in India. We help students with various resources to support them in having a bright future. In this article, we share the road map to joining the favourite civil service departments, i.e. Intelligence Bureau (IB), CBI and RAW.
If you have ever envisioned being an intelligence officer, the information below will be useful for you.
There are several routes to serving as a Grade A officer in IB, CBI or RAW. One certainly needs to pass the respective government exams and go through other processes. Let’s understand the process of each department below:
The first step to join IB is to clear the ACIO exam (Assistant Central Intelligence Officer), conducted by the Home Ministry of India. Once you get selected, you need to work hard to get subsequent promotions and appraisals. The goal is to become a DCIO, i.e. Deputy Central Intelligence Officer in IB, a Grade A officer.
The second method to work in IB is UPSC- Civil services examination. Pass the examination with a good score and become an IPS officer. Serve your duty for a certain period in the allocated cadre and then apply for IB. You need to clear the probation to get into IB. If you fail to prove yourself in the probation, you will be sent back to the state cadre.
*DIB (Director of IB) is the highest designation that an IPS officer can achieve. The post is higher than the post of a DGP.
To work in the CBI department, students need to sit for the SSC-CGL exam. At the initial level, you need to serve as a Sub Inspector (SI) and then obtain several promotions to reach the post of Superintendent of Police (Grade A).
The second way to join CBI is to sit for the UPSC-CSE exam. After a positive result, choose DySP in CBI, which is a Grade B post. After serving in the Grade B post, you only need one promotion to join as an SP (Grade A).
*The post of DySP is limited and not available every year.
The third way to enter CBI is to clear the UPSC-CSE exam with a good rank and become an IPS officer. Then serve your duty in the respective cadre and apply for probation (CBI). The process is the same as for IB.
There is a service named Research and Analysis Service (RAS) created for RAW, which is responsible for Group A officers. As per sources, a person needs to complete the foundation course first and then RAW conducts the respective interviews. After that, depending on their performance, the students directly join RAS as cadre officers (Group A).
There is nothing much revealed or known about RAW induction programs. However, it is said that the organization appoints people from central services, AIS and defense.
Found this helpful?
Keep following ISOEH for useful career tips and resources. Wish you all the best for your future endeavours, good luck!
The business of hackers-for-hire threat actors
In the world of illegal cyber activities, different kinds of threat actors exist. It has become increasingly common to read about companies selling offensive services like spyware as a service or commercial cyber surveillance. Some other actors are also government-backed. Yet another category of threat actors exists, dubbed hackers-for-hire.
Google’s Threat Analysis Group (TAG) published a new report about this kind of threat and how it works, providing examples of this ecosystem from India, Russia and the United Arab Emirates.
Hackers-for-hire are experts in conducting account compromises (generally mailboxes) and exfiltrating data as a service. They sell their services to people who do not have the skills or capabilities to do so.
While some companies openly advertise their services to anyone who pays, others stay under the radar and only sell their services to a limited audience.
Some hackers-for-hire structures also work with third parties, generally private investigation services, which act as a proxy between the customer and the threat actor. Such a hack-for-hire company might also decide to work with experienced freelancers rather than employing them directly.
Google’s TAG chose to share details about Indian hack-for-hire companies and indicates that they are tracking an interwoven set of Indian hack-for-hire actors, with many having previously worked for Indian offensive security companies Appin Security and Belltrox (Figure A).
TAG could link former employees of these two companies to Rebsec, a new company openly advertising for corporate espionage on its commercial website (Figure B).
A Russian hack-for-hire group has been tracked by the TAG team since 2017 and has targeted journalists, politicians, and various NGOs and non-profit organizations in addition to everyday citizens in Russia and surrounding countries.
In those attack campaigns, the threat actor used credential phishing emails that looked similar no matter the target. The phishing pages to which the victims were led could impersonate Gmail and other webmail providers or Russian government organizations.
A public website, gone since 2018, provided more information and advertised for the service, which consisted of compromising email boxes or social media accounts (Figure C).
As often in the Russian cyber criminal underground, the threat actor also highlighted positive reviews of its services from different well-known cyber criminal marketplaces such as Probiv.cc or Dublikat.
One hacker-for-hire group tracked by TAG is mostly active in the Middle East and North African area, targeting government, education and political organizations, including Middle East-focused NGOs in Europe and the Palestinian political party Fatah.
That actor mainly used Google or Outlook Web Access (OWA) password reset lures to steal valid credentials from their targets, using a custom phishing toolkit utilizing Selenium, a tool useful for automating tasks in web browsers.
Once compromised, persistence would be maintained by granting an OAuth token to a legitimate email client such as Thunderbird or by linking the victim Gmail account to another email account owned by the threat actor.
Interestingly enough, this threat actor could be linked to the original developer of the infamous njRAT malware, also known as Bladabindi, H-Worm or Houdini-Worm.
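Both persistence methods described above (an OAuth grant to a mail client, or linking the mailbox to another account) show up as account-change events that a defender can review. The following Python is an added example, not code from Google's report or the original article: it flags mail-scope OAuth grants and external account links, and raises the severity when they follow a sign-in from a new device. The event schema, field names, `find_persistence` function and 24-hour window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical normalized schema (not a real
# provider's log format); map your provider's audit fields onto these keys.
EVENTS = [
    {"ts": "2022-06-01T09:00:00", "user": "alice@example.org", "event": "login_new_device"},
    {"ts": "2022-06-01T09:07:00", "user": "alice@example.org", "event": "oauth_grant",
     "app": "Thunderbird", "scopes": ["https://mail.google.com/"]},
    {"ts": "2022-06-01T09:12:00", "user": "alice@example.org", "event": "linked_account_added",
     "target": "collector@mail.example.net"},
    {"ts": "2022-06-02T14:00:00", "user": "bob@example.org", "event": "oauth_grant",
     "app": "Calendar Sync", "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    {"ts": "2022-06-03T08:00:00", "user": "carol@example.org", "event": "oauth_grant",
     "app": "Thunderbird", "scopes": ["https://mail.google.com/"]},
]

FULL_MAIL_SCOPES = {"https://mail.google.com/"}   # full mailbox access over IMAP/SMTP
WINDOW = timedelta(hours=24)                      # assumed correlation window


def find_persistence(events, org_domain="example.org"):
    """Return findings for mailbox-persistence changes, ranked by context."""
    findings, last_new_login = [], {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts, user = datetime.fromisoformat(ev["ts"]), ev["user"]
        if ev["event"] == "login_new_device":
            last_new_login[user] = ts
            continue
        if ev["event"] == "oauth_grant":
            if not FULL_MAIL_SCOPES & set(ev.get("scopes", [])):
                continue                          # grant cannot read mail
            what = f"mail-scope OAuth grant to {ev['app']}"
        elif ev["event"] == "linked_account_added":
            if ev["target"].lower().endswith("@" + org_domain):
                continue                          # internal link, lower risk
            what = f"mailbox linked to external {ev['target']}"
        else:
            continue
        seen = last_new_login.get(user)
        recent = seen is not None and ts - seen <= WINDOW
        findings.append({"user": user, "what": what,
                         "severity": "high" if recent else "review"})
    return findings


if __name__ == "__main__":
    for f in find_persistence(EVENTS):
        print(f"[{f['severity']}] {f['user']}: {f['what']}")
```

A grant to a well-known client such as Thunderbird is not suspicious by name alone, which is why the check keys on the scope and on what happened just before the change.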
The most common targets for these kinds of operations are political activists, journalists, human rights activists and other high-risk users around the world.
Companies, lawyers and attorneys are also at risk since some hackers-for-hire are hired to target them ahead of anticipated lawsuits or during litigation. They might also be targeted for corporate espionage and theft of industrial secrets.
Finally, any citizen can be targeted, since some hackers-for-hire structures offer low prices to compromise and provide access to any individual, typically a husband or a spouse who wants to find information about ongoing affairs and such.
Most of these threat actors actually use email phishing as a starting point and generally do not go further than email box compromise and data exfiltration, which means they do not necessarily need any malware but rather use social engineering tricks.
Awareness needs to be raised on email phishing and related fraud attempts. Multi-factor authentication should also be deployed when possible to add a layer of security against those attackers.
Google recommends that high-risk users enable Advanced Protection and Google Account Level Enhanced Safe Browsing and ensure all devices are updated.
Finally, no one should ever authenticate to a web page popping up from a click on an email link. The user should always navigate to the legitimate page of the service and authenticate there without using any link.
Related questions
Governments hire ethical hackers through a structured and multifaceted approach to ensure both technical proficiency and trustworthiness. Here's a comprehensive breakdown of the process:
1. Recruitment Channels
- Government Job Portals: Agencies like the Department of Homeland Security (DHS) in the U.S. or GCHQ in the UK post cybersecurity roles on official platforms (e.g., USAJobs.gov).
- Military Cyber Divisions: Entities such as U.S. Cyber Command recruit through military channels, often offering specialized training in exchange for service commitments.
- Educational Partnerships: Collaborations with universities create pipelines via internships, co-op programs, or scholarships (e.g., NSA's Centers of Academic Excellence).
2. Vetting and Security Clearances
- Background Checks: Extensive investigations into criminal, financial, and personal history.
- Security Clearances: Processes like the U.S. Top Secret clearance involve interviews, polygraphs, and reference checks.
- Psychological Evaluations: To assess reliability and ethical judgment.
3. Skill Assessment
- Certifications: Preference for certifications like CEH, OSCP, or CISSP, though some governments offer internal training (e.g., UK NCSC certifications).
- Technical Evaluations: Practical exams, penetration testing challenges, or participation in CTF competitions.
4. Public-Private Partnerships
- Bug Bounty Programs: Platforms like HackerOne or Bugcrowd are used to crowdsource vulnerability discovery (e.g., Pentagon’s "Hack the Pentagon").
- Contracting Firms: Governments hire cybersecurity firms for audits, red teaming, or incident response.
5. Competitions and Talent Identification
- Hackathons/CTFs: Events like DEF CON’s Capture the Flag or government-sponsored challenges identify top talent for recruitment.
6. Legal and Ethical Frameworks
- Legislation Compliance: Adherence to laws like the CFAA (U.S.) or Computer Misuse Act (UK), with contracts defining authorized activities.
- Ethical Guidelines: Clear rules on privacy, disclosure, and operational boundaries to prevent misuse.
7. Training and Development
- Internal Academies: Programs like the U.S. Cyber Corps or the UK’s Cyber First nurture talent through structured training.
- Continuous Education: Ongoing training on emerging threats (e.g., AI-driven attacks, quantum computing risks).
8. International Collaboration
- Global Alliances: Sharing threat intelligence via NATO Cooperative Cyber Defence Centre or INTERPOL’s cybercrime divisions.
- Joint Exercises: Multinational drills like Locked Shields to test readiness and foster cooperation.
9. Freelance and Contract Work
- Short-Term Contracts: For project-specific tasks like election security or critical infrastructure audits, with rigorous vetting.
10. Ethical and Cultural Fit
- Value Alignment: Ensuring candidates understand public service ethics and national security priorities.
- Monitoring: Ongoing oversight to mitigate insider threats and ensure compliance.
Example Workflow:
- A candidate applies via a government portal or is scouted at a CTF event.
- They pass technical exams and obtain necessary certifications.
- Background checks and security clearance processes are completed.
- The candidate undergoes agency-specific training and signs ethical/legal agreements.
- Hired as a full-time employee, contractor, or reservist (e.g., Cyber Command’s Civilian Expeditionary Workforce).
By combining these strategies, governments secure skilled ethical hackers while maintaining strict ethical and security standards, crucial for protecting national infrastructure and countering cyber threats.
