Is the profit chain of hackers really so big and good? Even the most peripheral ones can rely on information asymmetry to make an amount of money that ordinary college graduates can’t even imagine. Are hackers basically tycoons?
Network technology can be called a hacker-level technology. Is it really popular? If most college students' intellectual resources are used to learn network technology, will there be a situation where there is too much for everyone?
Are hackers masters and voyeurs in a certain sense? In this world where the Internet is almost completely popular, looking at idiots who don’t understand technology from God’s perspective, are this large number of hackers financially free and voyeuristic? We have achieved various common life ideals for ordinary people, such as earning money for retirement for the rest of our lives before the age of 30, or buying a house, a car, a wife and children in a second-tier or above city before the age of 30.
In fact, this is really a lie. How likely is it that some teenagers can earn hundreds of thousands a month with just a little knowledge? If it is true that they can earn hundreds of thousands a month by relying on this, they can be considered gang members. At the bottom level, the core committing technology may be tools such as Trojan horses purchased offline.
I can only say that there are too many hackers now. The main reason is that our country’s computers started late and the public does not know enough about computers. Many high schools or universities will use script tools to do injection scanning and so on, so they can call themselves hackers. I am ashamed. Also part of Zeng Jin.
Who is passionate about computers and hasn't hacked into a few sites, stolen a few accounts, and set up a remote transmission camera to secretly watch his sister change her clothes? Is this really very technical?
Of course, if you have evil intentions and dare to break the law, you can make a little money with the above skills. If you can also make some small tools based on the remaining 0 days played by others, then you can open a class to sell learning videos or something, and win some domestic awards. The title of the webmaster.
As for the big guys, of course there are, but they rarely hang out in the circles we are familiar with. They may get a real 0day in their hands. Making money from these is indeed a way to make a fortune, but there are really not many people who make money in this way. They have that kind of strength. Many of them have prestigious offers in large companies or are individual small bosses. . . Generally speaking, there are few people who are full-time professionals. For those who really take this as a career, you can go to the Onion wiki to look at those hackers.
Secondly, what you often encounter should be profit-oriented criminal gangs, which are organized and hierarchical, and have even formed a black industry chain (remember that there was a time when game account envelopes were the most expensive).
Is the hacker community quietly making a fortune? A few people do make money through illegal means, and illegality must be silenced, but as for the majority, they are just enthusiasts.
Many people have learned about the word hacker through movies and have become very interested in this mysterious group of people.
I have learned some superficial knowledge on my own, but for various reasons I have not been able to study it in depth. Through the accumulation of knowledge, we have indeed discovered that there is a way to obtain huge wealth, and it can be achieved without any complicated operations.
Case illustration. If there are any difficult words in the following answers, please use Baidu.
Generate a remote control software server to avoid killing and increase propagation methods. Through intrusion, we can mount various websites, and conduct batch intrusions into web systems that are easy to invade or have known vulnerabilities, so as to increase and expand our broiler base. Build your own website and fill it with display ads that you applied for in various advertising alliances. Through remote control software, collectively browse self-built websites, complete advertising display tasks, and earn profits.
Assume that each pop-up advertisement is 0.01 yuan per display, and the broiler base is 100,000. Are such benefits still considerable? It's just a click of the mouse.
And the pop-up category has the least revenue among all types of advertising. The installation price of Firefox browser is 5 yuan per installation.
It should be noted that after the broiler is invaded, the Trojan will always remain in the system. Unless it is completely killed, or the system is reinstalled, or the port is closed. In other words, there is unlikely to be a large-scale reduction in the broiler base.
Of course, the network technology at that time was in its infancy, and the IP filtering technology for simultaneous access in the same location was not yet mature. But this alone can also illustrate the huge benefits of the hacker industry, which is a real "100% gold" industry. Of course, more are network security maintenance angels known as white hats. They test the security of the network and advise webmasters on fixes.
China's Internet started late, and even the technologies learned at that time still feel outdated when used in current work.
Nowadays, the Internet has been used in every aspect of life. It is urgent to enhance awareness of network security protection and popularize basic computer knowledge. Don’t wait until your next $320,000 is gone to remember the network security we discussed today.
When online games were popular a few years ago, there was a viral rumor on the Internet that a hacker who was called a leader earned tens of millions by washing game envelopes in his 20s. It has become safer these years, and the money is not so easy to make, but the black industry is still There is no shortage of projects that can make a lot of money, and there are probably several types of people on the Internet today.
1. Students who talk nonsense in group forums all day long have no money and no stable income.
2. Non-relevant professionals, they will go to vulnerability websites to submit some vulnerabilities to earn income. During the day, they work as couriers... (In fact, this can include unemployed people who have just graduated). The income of these people is also quite considerable, and their monthly income should probably be Around 5K-3a.
3. Relevant practitioners. Relevant practitioners are probably distributed in major Internet companies, and there are also some who are running their own companies and doing projects. The income of these people is also quite considerable. The approximate annual income is 15A-120A (there are also above (excluding those who start their own companies).
4. Black industry. Those who are engaged in illegal industry are also the fastest earning industries. This kind of people are generally not too active. Basically, as the title says, they make a lot of money silently. Their annual income is equivalent to their level, which is basically the lowest. It’s about 15A, with no upper limit (I’m not sure how many millions I’ve seen)
Therefore, there are indeed wealthy people in the security industry, but there are also quite a lot of hard-working losers.
digression
Many people who are new to the computer industry or graduates of computer-related majors from universities encounter difficulties in finding employment due to lack of practical experience. Let's look at two sets of data:
-
The number of college graduates nationwide in 2023 is expected to reach 11.58 million, and the employment situation is grim;
-
Data released during the National Cyber Security Awareness Week show that by 2027, the shortage of cyber security personnel in our country will reach 3.27 million.
On the one hand, the employment situation for fresh graduates is grim every year, and on the other hand, there is a shortage of one million cybersecurity talents.
On June 9, Max Research’s 2023 Employment Blue Book (including the “2023 China Undergraduate Employment Report” and “2023 China Higher Vocational Students Employment Report”) was officially released.
The top 10 majors with the highest monthly income for college graduates in 2022
Undergraduate computer majors and higher vocational automation majors have higher monthly incomes. The monthly incomes of the 2022 undergraduate computer majors and higher vocational automation majors are 6,863 yuan and 5,339 yuan respectively. Among them, the starting salary of undergraduate computer majors is basically the same as that of the 2021 class, and the monthly income of higher vocational automation majors has increased significantly. The 2022 class overtook the railway transportation major (5,295 yuan) to rank first.
Looking at the major specifically, the major with the highest monthly income for the 2022 undergraduate class is information security (7,579 yuan). Compared with the class of 2018, undergraduate majors related to artificial intelligence such as electronic science and technology and automation performed well, with starting salaries increasing by 19% compared to five years ago. Although data science and big data technology are new majors in recent years, they have performed well and have ranked among the top three majors with the highest monthly income for 2022 undergraduate graduates six months after graduation. French, the only humanities and social sciences major that entered the top 10 highest-paying undergraduates five years ago, has dropped out of the top 10.
“There is no national security without cybersecurity.” At present, network security has been elevated to the level of national strategy and has become one of the most important factors affecting national security and social stability.
Characteristics of the network security industry
1. The employment salary is very high, and the salary increases quickly. In 2021, Liepin.com announced that the employment salary in the network security industry is the highest per capita in the industry, 337,700!
2. There is a large talent gap and many employment opportunities
On September 18, 2019, the official website of the "Central People's Government of the People's Republic of China" published: my country's demand for cyberspace security talents is 1.4 million, but major schools across the country train less than 1.50,000 people every year. Liepin.com’s “Cybersecurity Report for the First Half of 2021” predicts that the demand for network security talents in 2027 will be 3 million. Currently, there are only 100,000 employees engaged in the network security industry.
The industry has huge room for development and there are many jobs
Since the establishment of the network security industry, dozens of new network security industry positions have been added: network security experts, network security analysts, security consultants, network security engineers, security architects, security operation and maintenance engineers, penetration engineers, information security management Officer, data security engineer, network security operations engineer, network security emergency response engineer, data appraiser, network security product manager, network security service engineer, network security trainer, network security auditor, threat intelligence analysis engineer, disaster recovery professional , Practical attack and defense professionals...
Great career value-added potential
The network security major has strong technical characteristics, especially mastering the core network architecture and security technologies at work, which has an irreplaceable competitive advantage in career development.
As personal abilities continue to improve, the professional value of the work they do will also increase with the enrichment of their experience and the maturity of project operations, and the room for appreciation will continue to increase. This is the main reason why it is popular with everyone.
To a certain extent, in the field of network security, just like the medical profession, the older you get, the more popular you become. Because the technology becomes more mature, your work will naturally be taken seriously, and promotion and salary increases will come naturally.
How to learn hacking & network security
As long as you like my article today, my private network security learning materials will be shared with you for free. Come and see what is available.
1. Learning roadmap
There are a lot of things to learn about attack and defense. I have written down the specific things you need to learn in the road map above. If you can complete them, you will have no problem getting a job or taking on a private job.
2. Video tutorial
Although there are many learning resources on the Internet, they are basically incomplete. This is an Internet security video tutorial I recorded myself. I have accompanying video explanations for every knowledge point in the roadmap above.
The content covers the study of network security laws, network security operations and other security assessments, penetration testing basics, detailed explanations of vulnerabilities, basic computer knowledge, etc. They are all must-know learning contents for getting started with network security.
(They are all packaged into one piece and cannot be expanded one by one. There are more than 300 episodes in total)
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
3. Technical documents and e-books
I also compiled the technical documents myself, including my experience and technical points in participating in large-scale network security operations, CTF, and digging SRC vulnerabilities. There are more than 200 e-books. Due to the sensitivity of the content, I will not display them one by one.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
4. Toolkit, interview questions and source code
"If you want to do your job well, you must first sharpen your tools." I have summarized dozens of the most popular hacking tools for everyone. The scope of coverage mainly focuses on information collection, Android hacking tools, automation tools, phishing, etc. Interested students should not miss it.
There is also the case source code and corresponding toolkit mentioned in my video, which you can take away if needed.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
Finally, here are the interview questions about network security that I have compiled over the past few years. If you are looking for a job in network security, they will definitely help you a lot.
These questions are often encountered when interviewing Sangfor, Qi Anxin, Tencent or other major companies. If you have good questions or good insights, please share them.
Reference analysis: Sangfor official website, Qi’anxin official website, Freebuf, csdn, etc.
Content features: Clear organization and graphical representation to make it easier to understand.
Summary of content: Including intranet, operating system, protocol, penetration testing, security service, vulnerability, injection, XSS, CSRF, SSRF, file upload, file download, file inclusion, XXE, logical vulnerability, tools, SQLmap, NMAP, BP, MSF…
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.