Connect with us

Cyber Security

GOLD GALLEON: How a Nigerian Cyber Crew Plunders the Shipping Industry





In 2017, Secureworks® Counter Threat Unit™ (CTU) researchers continued to track GOLD SKYLINE, a financially motivated Nigerian threat group involved in business email compromise (BEC) and business email spoofing (BES) fraud. During the investigation, CTU™ researchers discovered a previously unidentified BEC group that they have named GOLD GALLEON.

Unlike other BEC groups, GOLD GALLEON does not target a wide range of businesses but appears to focus solely on global maritime shipping businesses and their customers. CTU researchers estimate that between June 2017 and January 2018, GOLD GALLEON attempted to steal a minimum of $3.9 million U.S. dollars from maritime shipping businesses and their customers. The threat actors’ theft attempts average $6.7 million per year.

BEC is a social engineering scheme where threat actors gain access to a business’s email account. The actors typically use spearphishing emails with attached malicious payloads to steal the email credentials of individuals responsible for handling business transactions. Once the threat actors have obtained these credentials, they can intercept emails between the two parties involved in a transaction and modify financial documents to direct funds to attacker-controlled bank accounts. BEC and BES scams might seem unsophisticated, but they continue to account for significant losses globally. For example, the FBI reported that BEC and BES accounted for estimated losses of $5.3 billion between October 2013 and December 2016.

Key points

  • GOLD GALLEON is a BEC threat group likely based in Nigeria.
  • The group targets maritime shipping organizations, including companies that provide ship management services, port services, and cash to master[1] services.
  • Companies involved in shipping industries are typically globally dispersed and operate in different time zones, meaning that they are often entirely reliant on email for conducting business transactions. Some maritime shipping businesses are therefore susceptible to BEC fraud methods.
  • The group uses a range of commodity remote access tools that have keylogging and password-stealing functionality to steal email account credentials.
  • The group routinely tests malware on its own systems and tracks detection rates via online virus scanners (e.g., NoDistribute).
  • As of this publication, CTU researchers have helped to interrupt multiple GOLD GALLEON fraud attempts, averting losses of more than $800,000.


Over the course of the investigation into GOLD GALLEON, CTU researchers have been able to develop unique and detailed insight into the threat group: how it operates, where it is based, and its likely affiliations. GOLD GALLEON is a collection of at least 20 criminal associates that collectively carry out BEC campaigns. The group appears to specifically target maritime organizations and their customers. CTU researchers have observed GOLD GALLEON targeting firms in South Korea, Japan, Singapore, Philippines, Norway, U.S., Egypt, Saudi Arabia, and Colombia. The threat actors leverage tools, tactics, and procedures (TTPs) that are similar to those used by other BEC/BES groups that CTU researchers previously investigated (e.g., GOLD SKYLINE). The groups have used the same caliber of publicly available malware (inexpensive and commodity remote access trojans (RATs)), crypters, and email lures.

The group appears to have a loose organizational structure, with activities coordinated by several senior individuals. Tasks are allocated to individuals in the group; for example, one group member may have responsibility for obfuscating the group’s RATs with crypters, while others are tasked with monitoring victims’ email for business transactions that are about to be invoiced. Some senior members often handle the purchasing of malware, crypters, and infrastructure, and they frequently experiment with alternative tools. CTU researchers also observed senior members coaching and mentoring less-experienced group members and liaising with external providers of related criminal services (e.g., suppliers of mule accounts for transferring stolen funds and crypter sellers; see Figure 1).

Figure 1. Organizational diagram of GOLD GALLEON threat group. (Source: Secureworks)

GOLD GALLEON uses the Hide My Ass! (HMA) proxy and similar privacy services to disguise its origin. Several data points identified by CTU researchers suggest that it is highly likely that GOLD GALLEON is based in Nigeria:

  • Visibility of the actors’ systems suggest that many were regularly connecting to the Internet via Nigeria-based infrastructure.
  • The GOLD GALLEON crewmembers communicate regularly using instant messenger services such as Skype. Observed conversations between crewmembers were in Nigerian Pidgin English (see Figure 2). Pidgin is a simplified form of speech that is usually a mixture of two or more languages, has a rudimentary grammar and vocabulary, and is used for communication between groups speaking different languages. Appendix A shows additional examples of Nigerian Pidgin phrases commonly used by GOLD GALLEON.

    Figure 2. Example of conversation between the group leader and a crewmember. (Source: Secureworks)
  • CTU researchers’ visibility of the group’s usernames, passwords, and other artifacts suggest a strong link between members of GOLD GALLEON and a popular fraternity in Nigeria dubbed the Buccaneer Confraternity (see Appendix B).

Links to the Buccaneer Confraternity

Many of the GOLD GALLEON conversations observed by CTU researchers used phrases, usernames, and passwords that linked to the Buccaneer Confraternity group. Keywords such as “awumen,” “alora,” “Sealords,” and “1972buccaneer” in context reference the confraternity. One GOLD GALLEON actor also used a Buccaneers Confraternity logo on an online account (see Figure 3).

Figure 3. Variant of the Buccaneers Confraternity logo. (Source: Secureworks)

The Buccaneers Confraternity was originally established to support human rights and social justice in Nigeria. Reports suggest that a small subset of the group (often referred to as a cult) may engage in criminality, which offers a potential explanation for GOLD GALLEON’s apparent links to the Buccaneer Confraternity movement.

How does GOLD GALLEON operate?

GOLD GALLEON displays similar tradecraft to other Nigerian-based BEC groups observed by CTU researchers. The group follows a common operational pattern often relying on low-tier, free, or inexpensive tools. What it lacks in technical prowess is made up for in social engineering, agility, and persistence. Despite technical challenges and minimal investments in cybercrime tools, infrastructure, and automation, the group’s profit margins are orders of magnitude greater than its initial investment.


CTU researchers assess that GOLD GALLEON identifies target email addresses by conducting reconnaissance of publicly available contact information (e.g., a company’s website). The actors may leverage commercially available marketing tools that scrape email addresses from company websites (e.g., Email Extractor, BoxxerMail). CTU researchers found evidence that suggests these threat actors occasionally purchase email lists of target businesses. In order to acquire new victims after gaining entry into a target’s inbox, the threat actors use a free tool called EmailPicky to extract the target’s contacts from their address book, as well as every email address with which the target has had an exchange. Many of the harvested contacts are in the maritime shipping industry, so this tactic can be extremely fruitful for the threat actors.

Attacker TTPs/attribution

Similar to other BEC threat groups, GOLD GALLEON uses spearphishing emails with malicious attachments to compromise its victims (see Figure 4).

Figure 4. GOLD GALLEON crewmember crafting a phishing email. (Source: Secureworks)

The spearphishing emails are created with the intended recipient in mind, in this case focusing on shipping topics. When opened, attachments deploy a RAT that has keylogging and password-stealing functionality. Tools deployed by GOLD GALLEON include the Predator Pain, PonyStealer, Agent Tesla, and HawkEye keyloggers. All of the malware leveraged by GOLD GALLEON is readily available from online hacking markets. For example, the cost for the Agent Tesla RAT is between $12 and $69, depending on the support levels provided (see Figure 5).

Figure 5. Agent Tesla malware service-level tiers. (Source: Secureworks)

Actions on objectives

Once the GOLD GALLEON crew compromises the business email accounts of a company’s employees, crewmembers monitor the employees’ inboxes to identify emails for ongoing business transactions. In a typical BEC scam (see Figure 6), an attacker compromises a seller’s email account to position themselves as a “man-in-the-middle” between the seller and a buyer in an existing business transaction. The threat actor then uses their control of the seller’s account to passively monitor the transaction. When it is time for payment details to be relayed to the buyer via an invoice, the threat actor intercepts the seller’s email and changes the destination bank account on the invoice to the attacker’s money mule account. If the revised payment account does not appear to be suspicious, the buyer will likely submit the payment.

Figure 6. Typical BEC process. (Source: Secureworks)

CTU researchers observed GOLD GALLEON threat actors successfully submitting fraudulent invoices to buyers while a business transaction was in progress. The altered invoices were modified from genuine versions created by the seller that were available in the seller’s email account. The threat actors were in control of the seller’s email account and were monitoring email traffic, but the buyer was not likely to question the invoice because it appeared to contain correct and familiar information. Only the bank details where the money was to be wired were changed.

Cloned domains and look-alike email addresses

In order to impersonate a buyer or seller in a particular transaction, GOLD GALLEON and other BEC groups have purchased domains that closely resemble the buyer or seller’s company name, also known as “cloning.” CTU researchers have also observed BEC threat actors registering email accounts that contain a variation of the target’s name (e.g., john . doe @ gmail . com or jdoe @ gmail . com. With these look-alike domains and/or email addresses in hand, the cybercriminals can impersonate either party.

Disrupting the adversary — Incident case studies

The cybersecurity industry clearly has a role to play in disrupting these threats. While investigating the activities of GOLD GALLEON and another BEC group conducting fraud against the shipping industry, CTU researchers were able to interrupt dozens of BEC fraud attempts. Victim notifications prevented some fraudulent transfers, and identification of attacker-controlled accounts enabled banks to stop fraudulent use.

The following case studies offer additional insight into GOLD GALLEON’s methods and also highlight some of the challenges when disrupting these threats.

Case study 1: Thanks, but we already know… we just don’t know how.

One of the companies that GOLD GALLEON compromised was a shipping company based in South Korea. The threat actors were able to steal credentials for eight different email accounts, including an account for one of the company’s accountants. With this access, GOLD GALLEON targeted all of the company’s clients. The threat actors monitored the South Korean company’s business email day and night and became very familiar with the company’s billing cycles, clients, and various business deals.

Not long after CTU researchers began tracking GOLD GALLEON, the threat actors were monitoring a business transaction where the South Korean shipping company was requesting “cash to master” (CTM) services for a ship arriving in the U.S. The South Korean company sent an email to the U.S.-based CTM organization requesting delivery of the approximately $50,000 in crew’s wages and clarification of the total payout fee (see Figure 7).

Figure 7. Cash to master (CTM) request from the South Korean ship management company. (Source: Secureworks)

To insert themselves into the transaction, GOLD GALLEON threat actors set up an Outlook email account using the name of an employee working for the CTM company and sent a fraudulent email. The message requested that the South Korean company submit payment to the CTM’s “subsidiary [bank] account,” because the CTM was purportedly working to resolve an issue with their regular bank regarding extra fees (see Figure 8). The provided account details were for a mule account used by GOLD GALLEON.

Figure 8. GOLD GALLEON actors impersonating a shipping agent to coerce the South Korean ship management company into diverting funds to the attacker-controlled bank account. (Source: Secureworks)

Aware that the South Korean company was potentially about to send $50,000 to the threat group and not to the intended provider of ship services, CTU researchers notified the U.S. company as quickly as possible. Separately, the South Korean shipping company had been in touch with the U.S. shipping agent to verify that the subsidiary account payment details were correct, so the U.S. shipping agent was already aware of the fraud attempt. However, the agent did not know how the South Korean company had received the altered bank account details. CTU researchers were able to complete the picture for them.

Case study 2: If at first you don’t succeed…

When CTU researchers detected the GOLD GALLEON crew attempting to defraud another one of the South Korean company’s clients for $325,585, they notified the potential victim. The client, a large Japanese company with clients in the Far East and the Southeast Asian regions, provides marine transportation of petroleum products, chemicals, and other liquids. CTU researchers notified the Japanese company and explained the ongoing fraud attempt. The company was aware of the situation, as they judged that the payment request was suspicious. Despite the failed attempt, the GOLD GALLEON actors repeated their attempt using a forged invoice on the South Korean company’s letterhead.

This was a common tactic the GOLD GALLEON crew used to try and fool the clients of the South Korean shipping company. The GOLD GALLEON threat actors were able to obtain a copy of the Korean shipping company’s corporate letterhead by impersonating the Japanese marine transportation company. They stated in their email request that they needed to present it to their bank to process payment for the South Korean company’s services (see Figure 9). The South Korean company obliged and sent them an electronic copy, which the threat actors continued using for future spoofed correspondence with many of the company’s clients.

Figure 9. Spoofed email from GOLD GALLEON requesting official company letterhead of a South Korean shipping company for use in future fraud schemes. (Source: Secureworks)

Case study 3: Third time’s a charm

A week after the fraud attempt on the Japanese marine transportation company, CTU researchers detected GOLD GALLEON attempting to steal $234,834 owed to the South Korean shipping company by another client: a large multinational Japanese conglomerate. In response, CTU researchers notified both parties, as well as the bank where the mule account due to receive the stolen funds was located.

GOLD GALLEON had used the spoofed email address of the South Korean company’s accountant and sent a request to the Japanese conglomerate on the company letterhead to remit payment of the $234,834 to the attacker-controlled bank account. In this particular instance, the Japanese conglomerate was suspicious when they received the request to change payment to an alternate bank account. However, only with the additional context provided from the CTU researchers’ notification were they able to understand the full nature of the risks they were facing.

Additionally, CTU researchers reached out to the South Korean CERT (KN-CERT) so it in turn could notify the South Korean company of the nefarious activity and help them mitigate the threat on their network. KN-CERT also helped the South Korean shipping company implement security measures to monitor and help protect their business email from being compromised in a similar way in the future.


By disclosing details of the GOLD GALLEON threat, its capabilities, and its approach to conducting BEC-related fraud, CTU researchers are trying to provide a greater understanding of the BEC threat and why these campaigns continue to be so lucrative. As evidenced in this report, the monetary losses can be significant to the victims and the affected businesses. In some cases, the victims are unaware of what is happening until it is too late. Organizations in some industries (in this case shipping) may be exposed to heightened risk as threat actors focus their attempts toward industries that are more susceptible to these techniques. CTU researchers encourage organizations to evaluate the BEC threat in the context of their own systems and consider the following steps to mitigate the risks associated with BEC:

  • Implement two-factor authentication (2FA) for corporate and personal email. Small and medium-sized businesses (SMBs) are popular targets for BEC groups because SMBs typically have limited security budgets. Most BEC threat actors rely on remote access to a company’s email via commodity webmail programs, so 2FA would deter all but the most sophisticated attackers.
  • Inspect the corporate email control panel for suspicious redirect rules. An unexplained redirect rule that sends incoming email from specific addresses to third-party systems could indicate a compromise and should trigger an organization’s incident response process.
  • Carefully review wire transfer information in suppliers’ email requests to identify suspicious details.
  • Always confirm wire transfer instructions with designated suppliers using a previously established non-email mode of communication, such as a fax number or phone number. Establish this communication channel using a method other than email.
  • Require multiple approvals for wire transfers, and ensure this procedure is difficult for cybercriminals to discover.
  • Question any changes to typical business practices and designated wire transfer activity (e.g., a business contact suddenly asking to be contacted via their personal email address or a change to an organization’s designated bank account information).
  • Be suspicious of pressure to take action quickly and of promises to apply large price discounts on future orders if payment is made immediately.
  • Thoroughly check email addresses for accuracy and watch for small changes that mimic legitimate addresses, such as the addition, removal, substitution, or duplication of single characters in the address or hostname (e.g., versus username@
  • Create detection rules that flag emails with extensions that are similar to company email addresses (e.g., abc_company versus abc-company).
  • Limit the information that employees post to social media and to the company website, especially information about job duties and descriptions, management hierarchy, and out-of-office details.
  • Consider adopting the Financial Industry Regulatory Authority (FINRA) standards to deter money laundering and fraudulent wire transfers.
  • Consider using the free pdfxpose tool that CTU researchers developed to help detect wire-wire fraud. CTU analysis of GOLD SKYLINE activity revealed that the threat actors edited PDF invoice files by redacting the original payment details with a white opaque rectangle and then overlaying it with the money mule account information. This tool searches for sub-page-sized opaque rectangles with text overlays and adjusts the opacity and color to reveal potentially suspicious edits.

Appendix A — Nigerian Pidgin conversations

Figure 10. Conversation between the leader of the GOLD GALLEON group and a crewmember. (Source: Secureworks)

Figure 11. High-level GOLD GALLEON crewmember speaking with group leader about a BEC scam. (Source: Secureworks)

Figure 12. GOLD GALLEON crewmember asking contact for a U.S.-based open beneficiary bank account. (Source: Secureworks)

Appendix B — The Buccaneers Confraternity

The Buccaneers Confraternity is a descendant of the Pyrates Confraternity group (also known as the National Association of Seadogs). According to historical records, the Pyrates Confraternity was founded in 1952 by Nobel-prize winning author Wole Soyinka and six of his friends (see Figure 13). The first chapter was formed on the campus of University College Ibadan, a prestigious institution and one of the oldest universities in Nigeria. The confraternity was conceived as a response to class privilege, elitism, and other perceived social injustices against poorer students at the university. Membership was open to male students who were academically bright, regardless of their tribe or religion. The anti-establishment group adopted the motto “Against all conventions” and the classic Jolly Roger skull and crossbones pirate flag as its logo. Members went by names such as “Cap’n Blood” and “Long John Silver.” The organization’s ceremonies and customs revolve heavily around pirate symbology. The Pyrates Confraternity became the only confraternity on Nigerian campuses for almost 20 years.

Figure 13. The “Original Seven” founding members of the Pyrates Confraternity in pirate costumes. (Source:

In 1972, a schism took place when Pyrate Bolaji Carew led a “mutiny” against the confraternity. Dissatisfied with the conduct of the organization, he and several other members formed a rival group known as the Buccaneers Confraternity, borrowing many of the structures, ceremonies, and symbology from the Pyrates Confraternity. Because of this fracture, the Pyrates registered the name “National Association of Seadogs,” while the Buccaneers refer to themselves as “Sea Lords.”

Over the years, infighting led to further factions and spin-off groups, resulting in dozens of organizations. While some of the older confraternities focus on humanitarian efforts, subsequent splinter groups have strayed from those traditional values. The groups are often referred to as “campus cults,” and students are warned about the dangers of joining them. Many exhibit gang-like activity and align with local militant groups. They have engaged in armed robbery, kidnapping, operating prostitution rings, and cybercrime.

[1] Cash to master services involve a representative from a cash to master company meeting a ship upon its arrival into its destination port and paying the ship’s captain, who then pays crewmembers their wages, historically in cash accompanied by armed guards. In exchange, the cash to master company receives a service fee.


Cyber Security

Unsuccessful Conti Ransomware Attack Still Packs Costly Punch




The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa

Continue Reading

Cyber Security

Microsoft, Adobe Exploits Top List of Crooks’ Wish List




The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa

Continue Reading

Cyber Security

Cybersecurity Degrees in North Carolina — Your Guide to Choosing a School




cybersecurity degree

North Carolina’s cybersecurity educational and career opportunities are included in this guide. The following details the cybersecurity degree programmes available in North Carolina, as well as some of the economic factors behind the cybersecurity industry’s growth in the state.

Over the past few decades, North Carolina’s economy has undergone a major redistribution. Three of the state’s primary foundations, which were developed earlier in the twentieth century, have all experienced significant contraction. Furniture and textile manufacturing, as well as tobacco farms, were once the most important employers in North Carolina, particularly in rural areas.

Fortunately, new contributors, mainly financial intermediaries, biotechnology, information technology, healthcare, and science, have been able to replace these industries.

The majority of this expansion has occurred in the state’s major cities. However, this is excellent news for cybersecurity practitioners, since these sectors are major employers of information security professionals. Bank of America is one of the most well-known employers in North Carolina, but it is far from the only one. Other examples include Lowe’s, US Trust, Family Dollar, and Tyson Foods.

Table of Contents

Growing importance of cybersecurity in North Carolina

North Carolina’s state government has been a vocal supporter of the cybersecurity sector and the job opportunities it offers. It has been a sponsor of the Girls Go CyberStart initiative, which aims to interest and engage young girls in cybersecurity technology.

The Enterprise Security & Risk Management office of the Department of Information Technology keeps the community informed about emerging information security threats and mitigation strategies. The Secretary of State has launched a Cybersecurity Initiative to help state-registered investment advisors and their clients protect their personal details.

North Carolina teamed up with Cisco and other leading cybersecurity companies in 2018 to offer cybersecurity training to veterans in the state. The initiative, known as CyberVetsUSA, provides free training and job opportunities to veterans, transitioning service members, National Guard and reservists, and their spouses.

The North Carolina Center for Cybersecurity (NCCYBER) was founded as a non-profit organisation to facilitate communications between industry, academic institutions, and the state government in 2018.

North Carolina’s cybersecurity future appears promising, with government funding and essential consumers of cybersecurity services in place and increasing rapidly.

Cybersecurity education in North Carolina

North Carolina is home to some of the country’s best higher education institutions, especially in medical and technical research. Wake Forest, Duke, North Carolina State, and the University of North Carolina have all had a hand in the burgeoning research industry in the state.

It’s odd, though, that North Carolina’s colleges and universities haven’t been more enthusiastic about taking up the cybersecurity mantle. The state government has expressed its support, and the economy has become increasingly dependent on technology, especially information technology. Only the University of North Carolina (UNC) has invested significant capital in improving cybersecurity education programmes among the larger name colleges.

Fortunately, UNC is putting in a lot of effort. The Department of Software and Information Systems is in charge of the university’s cybersecurity initiatives. The CyberDNA Research Center was founded to conduct cutting-edge research into information security technologies and techniques. On the Charlotte campus, the school has also developed its own Cybersecurity Boot Camp, which aims to prepare students for a career in cybersecurity in as little as 24 months.

As a result, UNC, in conjunction with other smaller campuses, is offering good opportunities for would-be cybersecurity students to pursue their career goals.


All companies are under pressure to maintain full data protection at all times, and keeping up with rapidly changing technology is crucial. As a result, seasoned cybersecurity experts are prioritised. However, due to a shortage of staff relative to demand, employers will continue to seek out entry-level information security specialists in order to sustain sufficient cyber defences.

Many employers, particularly larger businesses, are willing to accept candidates with associate’s degrees for these entry-level positions. Associate’s degree programmes usually last between a year and two years to complete. When time and resources allow, professionals with this background and some real-world experience in cybersecurity can return to school and obtain a bachelor’s degree or higher. In addition, associate’s degree courses are often accepted as credit for bachelor’s degree programmes, making completion simpler and less costly.

Campus-based associate’s degrees in North Carolina

On North Carolina community college campuses, seven different cybersecurity associate’s degree programmes are currently available. Information and links are given below.

Online associate’s degrees in North Carolina

At this time, there are only two online cybersecurity associate’s degrees available in North Carolina. A curriculum leading to an AAS in Information Technology – Network Management is offered by Beaufort County Community College. On its Winston-Salem campus, Forsyth Technical Community College offers an Associate in Applied Science – IT Cybersecurity programme.


Since cybersecurity has become such a vital field, most industry positions require at least a bachelor’s degree in a computer-related or STEM field. A professional’s resume would be at the top of the pile for job opportunities if they have an undergraduate degree in cybersecurity. Interestingly, bachelor’s degree programmes are currently unavailable in North Carolina, although this is expected to change in the near future.

Campus-based bachelor’s degrees in North Carolina

Only one university currently offers cybersecurity bachelor’s degree programmes on campus. As previously said, the University of North Carolina is at the forefront. The University of North Carolina at Charlotte offers a Bachelor of Science in Computer Science with a Cybersecurity Focus. UNC – Wilmington also provides a Cybersecurity Minor to all UNCW undergraduate students, regardless of major.

Online bachelor’s degrees in North Carolina

North Carolina schools only deliver one online bachelor’s degree in cybersecurity. A Bachelor of Science in Cybersecurity is offered at Montreat College.


In recent years, cybersecurity master’s degrees have become much more relevant, as evidenced by the growing number of educational options accessible. Senior-level and management-level corporate jobs are increasingly requiring candidates to have a graduate degree. The demand for C-suite corporate positions such as Chief Information Security Officer is a major factor. However, cybersecurity veterans who prefer academia, cybersecurity science, or cybersecurity consulting find master’s degrees to be a valuable addition to their resume.

Campus-based master’s degrees in North Carolina

As seen in the table below, North Carolina currently offers five campus-based cybersecurity master’s degree options from three separate colleges. There are no online master’s programmes available right now.


In recent years, doctorate degrees in cybersecurity have become more widely available. Professionals with academic or study backgrounds are the main source of demand for these PhDs. PhDs are being sought by several cybersecurity veterans holding c-suite roles in the corporate world.

Campus-based Ph.D.’s in North Carolina

The University of North Carolina has taken over as the sole provider of cybersecurity Ph.D. programmes. The University of North Carolina at Charlotte offers a Ph.D. in Computing and Information Systems with a variety of academic emphasis specialties, including cybersecurity.


Certification programmes are useful to both newcomers and seasoned practitioners in the field of cybersecurity. There are a variety of certification programmes available, each tailored to a specific audience.

Certain types of certifications include an introduction to the technologies and methods used, which may help beginners determine if cybersecurity is right for them. Completing such certifications would almost certainly give job seekers an edge in entry-level positions.

Some cybersecurity certifications are intended to help seasoned practitioners advance their studies in a specific specialty, such as penetration testing. These advanced information security certifications will help you improve your resume and advance your career.

Other cybersecurity certifications, on the other hand, are intended to serve as stand-ins for advanced degrees, particularly master’s degrees.

Campus-based cybersecurity certifications in North Carolina

North Carolina universities currently deliver eight campus-based credential programmes. More details can be found in the table below.

Online cybersecurity certifications in North Carolina

Online access is also available for four credential programmes. Forsyth Technical Community College offers three of these alternatives. The following are some of them:

Cybersecurity Jobs in Carolina

North Carolina’s cybersecurity industry is expanding rapidly, and the supply of trained professionals is not keeping up. According to Cyberseek, 34,739 people were working in any field of cybersecurity in the 12 months leading up to September 2019. During the same time span, state employers advertised 19,657 new information security work openings. The vast majority of these job vacancies are in North Carolina’s three largest cities. Employers in Charlotte posted 8,418 new cybersecurity job openings, Raleigh had 5,626 new job openings, and Durham had 2,342 new job openings.

The state of North Carolina is taking steps to expand the labour pool, especially by attempting to tap into the state’s large veteran population. Nonetheless, since the state’s economy is centred on financial intermediaries, demand for new talent will continue to rise as cybersecurity becomes a more pressing problem.

Security analysts were paying a little more than the national average salary in May 2018. According to the US Bureau of Labor Statistics, the average hourly wage was $50.20 and the average annual income was $104,430. North Carolina’s standard of living, on the other hand, was well below the national average. The main explanation for the lower cost of living in North Carolina is the relatively low cost of housing. However, keep in mind that these are statewide numbers. Housing would, of course, be more costly in areas surrounding major cities, as this is where the majority of cybersecurity jobs are located. Even so, the most expensive place, Charlotte, has a lower cost of living than the national average.

H2 Cybersecurity in North Carolina

The economic transformation in North Carolina over the last few decades has occurred at a time when data stores are becoming increasingly vulnerable. Finance, healthcare, information technology, and science, which are now leading the way in North Carolina, are common targets for hackers and thus heavy users of cybersecurity services.

The state government is also assisting veterans and young women who want to pursue careers in cybersecurity. It’s also setting the standard for public education about vulnerability and how to avoid being hacked, as well as for its own data protection.

According to recent employment figures, cybersecurity jobs are increasingly expanding. Unfortunately, work demand is outpacing the supply of trained cybersecurity professionals. This is generating a seller’s market in North Carolina, with professionals with the expertise to fill vital cybersecurity positions far outnumbering those without.

Coinsmart. Beste Bitcoin-Börse in Europa

Continue Reading

Cyber Security

Find your Cybersecurity Degree or Certification




Cybersecurity Degree

The internet and digital technologies are becoming increasingly important in daily life. With that development comes a rise in the risks that come with living a hyper-connected life.

Consider recent headlines: massive data breaches, businesses selling personal information, and browsers snooping on your sessions — all of these are examples of emerging security threats that will require a skilled and well-trained workforce to contain and eradicate.

Data shows that cyber crime, such as identity theft and fraud, is instilling fear in people of all ages.

According to the Ponemon Institute, an independent polling organisation specialising in data and privacy, 61 percent of small and medium-sized companies experienced a data breach in 2017.

If there is a bright lining to all of this, it is that the demand for cybersecurity experts is rapidly increasing. What was once considered a subfield of computer science is now considered its own discipline.

Cybersecurity is a concept and a discipline that is still changing. It used to apply to people who were in charge of restricting access to databases and computer networks that contained confidential data (such as financial transactions or military intelligence).

However, as cloud and mobile computing become more prevalent, and more software and knowledge than ever before can be accessed across the internet, the profession is evolving to include a wider range of security threats.

Companies that create multiplayer video games, or startups developing browser-based productivity software, for example, must now consider user protection in some way. This translates to a large number of job openings and fair pay.

But it also means that schools are designing new courses and curriculum to meet the industry’s rising demand for trained candidates who appreciate cybersecurity’s cutting edge at all levels, from industry qualification to Ph.D. programmes.

The Cybersecurity Guide was designed to assist prospective students and early career professionals in navigating this new space and identifying opportunities that best suit their educational and professional objectives.

Table of Contents

How to use Cybersecurity Guide

This guide is designed to provide useful resources for those interested in learning more about the field. The website is organised into several major parts, including:


One of the most important aspects of a cybersecurity career is education. Cybersecurity is a technological area that often necessitates a thorough understanding of topics like criminal justice, psychology, and management. There are various levels of cybersecurity degrees available today, ranging from an associate’s degree programme to a Ph.D. programme. Some degree programmes include cybersecurity as a focus or specialisation, while others include cybersecurity as an emphasis or specialisation.


It is possible to obtain a truly excellent online education. As a result of the COVID pandemic, most colleges and universities have been forced to invest in online platforms to provide coursework and programming. As a result, there are more online cybersecurity degrees available than ever before, including the famous online cybersecurity master’s degree. With so many choices, finding the right curriculum match is crucial.


Certifications in cybersecurity are a vital part of the increasing industry. Cybersecurity certifications are divided into two categories. The first are business certifications, which are intended to show a particular level of competence or ability. These can range from knowing how to use a proprietary networking platform to proving you’re a certified ethical hacker.

Cybersecurity certifications are also available via academic programmes. These credentials will help you gain a competitive edge in the job market or advance your career. The majority of university cybersecurity credential programmes are oriented toward teaching cybersecurity-specific leadership and management at the post-baccalaureate level.


In the area of cybersecurity, there are several job options. It’s worth noting that not all cybersecurity jobs necessitate a strong technological context. Investigations, policy creation, management, and leadership are only a few of the ways to get started in a cybersecurity career. There are a variety of cybersecurity career paths that can be accelerated or strengthened by earning a graduate degree (a master’s in cybersecurity is a common choice) or receiving graduate-level certifications.


As previously mentioned, the cybersecurity sector is rapidly expanding. The knowledge environment surrounding cybersecurity degrees, certifications, and career opportunities is very diverse due to so much transition. To stay on top of things, we work with authors who have specialised cybersecurity experience and interview experts in the field on a regular basis. As a result, a collection of in-depth informational tools covering everything from cybersecurity scholarship opportunities to what to do if you’ve been a victim of a cyber attack have been developed.

Regular updates

Please return often because we are continuously updating this page with new knowledge and resources as they become accessible.

Please see our contact information on our about us page if you’d like to write for us, talk about your programme or company, or get in touch about something else.

Coinsmart. Beste Bitcoin-Börse in Europa

Continue Reading
Techcrunch11 mins ago

Click-and-mortar is a better model for healthcare

Esports11 mins ago

Checking connection: ROCCAT Kone Pro Air review

AR/VR12 mins ago

Nvidia’s First DLSS Compatible VR Games Include No Man’s Sky

Business Insider12 mins ago

Medscape Education’s Psychiatry Update 2021 Focuses on Hot Topics in Mental Health

The Generational Power Index
Visual Capitalist13 mins ago

Which U.S. Generation Wields the Most Economic Power?

Business Insider13 mins ago

Medical Indicators Launches Blog Providing Up-to-date Information on the Healthcare & Medical Device Industries

Business Insider14 mins ago

Altice USA Gets Downgrade From BofA: Here’s Why

Business Insider15 mins ago

WarnerMedia-Discovery merger is expected to create $3 billion in savings – here are some of the jobs at risk

Business Insider15 mins ago

HCSS Introduces New Version of Aerial With Innovative Features for Heavy Civil Contractors

Aerospace17 mins ago

Benchmark Space Systems and Starfish Space team up to advance orbital docking and refueling

Fintech18 mins ago

Dorothy is a startup that offers faster cash post-disaster

Esports19 mins ago

Every cosmetic arriving in Legends of Runeterra Patch 2.8.0

Esports20 mins ago

Legends of Runeterra Patch 2.8.0 brings new event, Dark Horizon

Esports20 mins ago

Legends of Runeterra Patch 2.8.0 adds skins for champion cards and Mega Guardians

Techcrunch24 mins ago

Watch Google I/O keynote live right here

Fintech28 mins ago

Finary wants to create the wealth management dashboard for the next generation

Esports30 mins ago

Apex Legends Global Series Championship adds new legendary skin bundles, will cap prize pool at $3 million

Aviation51 mins ago

Canadian Hotel Worker Protest Takes Aim At Lufthansa Crew

Energy53 mins ago

MoistureShield® Partners with My Deck and Holloway Company to Win NADRA® National+ Deck Competition Awards

Crowdfunding54 mins ago

Irish Fintech Payslip Announces Closing of Additional $10 Million to Series A Financing Round; Brings Total Funds Raised to $14.5 Million

Energy58 mins ago

RTA Outdoor Living and Coyote Outdoor Bring Margaret Josephs’ Dream Outdoor Kitchen to Life

Energy1 hour ago

Viking Masek, IAS Inc. Form Strategic Partnership to Expand Automation Offering

Covid191 hour ago

Cancel The Olympics, Says Tokyo Doctors Association

Energy1 hour ago

HNRC Reports First Quarter Results

AR/VR1 hour ago

Facebook’s Previous Head of Oculus & Reality Labs Partnerships Leaves Company

Aviation1 hour ago

Russian Airlines Look To Pause Most Flights To Turkey

Aerospace1 hour ago

Aevum’s autonomous aircraft will deliver cargo and launch rockets

Energy1 hour ago

Cargill’s Sonya McCullum Roberts Is Named New Co-Chair of MBOLD

Crowdfunding1 hour ago

Ethereum Not Just a Digital Currency, It’s a Financial Ecosystem Generating $29.3M in Fees Every 24Hrs, 8x More than BTC: Report

Aviation1 hour ago

airBaltic Begins Rehiring Crew But Vaccinations Are Mandatory