Aardvark DailyNew Zealand's longest-running online daily news and commentary publication, now in its 25th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.
Content copyright © 1995 - 2019 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk
Please visit the sponsor!
Unless you're a foreign worker slaving away in a code-factory, IT jobs generally pay fairly well.
Programmers with skills in sought-after areas can earn a useful salary or hourly rate on contract whilst becoming an analyst or manager can move you up the pay scale pretty quickly until, once your a CTO, you are doing "very nicely thank you".
However, the real money isn't in one of those salaried positions turning ideas into working systems. Oh, no. The real money -- and I'm talking big, big money, lies elsewhere.
If you want to become an IT millionaire overnight then there's just one career option available to you.
You need to be a hacker to earn the real "big bucks".
Take the case of the criminal gang that recently crippled a key piece of US infrastructure with ransomware for example.
According to at least one report, the operators of the Colonial Pipeline paid out US$5m in order to regain access to their encrypted files so as to begin restoring the delivery of petrol to many US states.
How long would it take you to earn that on a programmer's, analyst's or even a CTO's salary?
Given that a lot of these attacks involve the use of turnkey hackware developed by others, the hourly rate for those actually involved in carrying out that attack is phenomenal.
What's more, the risks of getting caught whilst engaging in such evil activities seems to be pretty damned low.
You can bet that the US government's best and brightest anti-hacker resources have been brought to bear on finding the exact identity and location of those responsible but so far they've come up empty-handed. Even if they did identify them, odds are that these folk are already enjoying their ill-gotten gains on a sunny beach somewhere, with new identities and far from the dingy room from where the crimes were committed.
Given how often ransomware attacks are happening and how successful many of them seem to have been, exactly what steps can the world take to prevent further chaos and loss?
Well many governments are considering making it a crime to actually pay the ransom being demanded. The theory here is that if nobody pays the ransom then the criminals will give up trying because ultimately they see no return on their efforts.
That's a great theory but it ignores the damage that such attacks can produce on livelihoods and even the lives that may be cost as a result of this hard-line stance, especially when the victim is a government and the computers affected may be within vital systems such as healthcare.
Another route might be to simply make all anonymous crypto currencies illegal. If there's no untraceable way to receive payment then the risk to the criminals rises enormously and the returns also fall precipitously due to the high cost of laundering that money. Unfortunately, with so many billions of dollars now invested in crypto by mainstream investors, this proposal would go down like a lead balloon in the circles of the rich and powerful (such as Elon Musk).
The only answer therefore, seems to be to sure-up everyone's cyber-defenses but, as we know from many years of experience and evidence, that's just a dream. There will always be systems that are flawed and vulnerable. One of the problems with business is that profit is not only dependent on keeping revenues high but also on keeping costs low. IT security is one of those things that probably seems like a total waste of money -- until you discover you don't have enough of it, by which time it's too late.
So I predict rich pickings for the most well-paid job in IT for quite some time to come.
Please visit the sponsor!
Have your say in the Aardvark Forums.