The stories conclusions may be sensationalist an possibly untrue but there is more than a grain of truth in some of the things they say.
First off for the past 18 months or so there has been a noticable trend towards what appears to be "guns for hire" in the cracker community.
This is due in part to the increase of zero-day attacks being used for "stealth targeted attacks" as oposed to "public defacment attacks". This has been thought by some to indicate skilled hackers have swapped "feeding their ego" for "feeding their pocket". Which to me suggests "comming of age" and the "realities of life" that hits in your mid twenties to thirties when you cut lose from the nest.
This appeared to be supported by the number of "malware" attacks being aimed at "direct criminal" activities as oposed to indirect or unsociable attacks such as spam bots etc. However if you think back to "rouge dialers" and the associated "premium rate number" scams this has been going on for quite a few years.
The quote Bruce pulled from the CNN report in of it's self is not particularly fanciful, and I suspect that many "security experts" (pundits?) would regard it as being a not unresonable projection of current trends.
With regards to the BBC and ,
"Traditional criminals have the ability to move funds and use all of the background they have," he said, "but they don't have the technical expertise."
This is well known from card skiming gangs and their hardware, so why is so shocking with regards to software?
"As the number of criminal gangs looking to move into cyber crime expanded, it got harder to recruit skilled hackers, said Mr Day. This has led criminals to target university students all around the world."
Yup I suspect that is very true as well, it is a natural consiquence of card skimming and related attackes.
I suspect that the "criminals" concerend doing the recruiting might well be the same "technical experts" from card skiming gangs. After all they have quite an affinity with students as they where/are probably students themselves. They could quite easily spot the type of student they are looking for as they tend to stand out like a sore thumb due to their technical curiosity etc. Due to this they would be very very easily led into the more risky areas of activity, especially if their ego is stroked in the right way. Think recruiter playing "CEO of small security start up".
In a very few cases it might well be a "meeting of minds" and a "technology swap" where an experianced cracker trades cracking techniques for "money laundering" techniques (however I doubt they have the "smarts" to avoid getting the bad end of the deal).
Which brings me on to,
"Some students are being sponsored through their IT degree,"
Depends on what you mean by sponsored, most student I know are almost perpetuly hard up in the UK. Any money they can earn is going to be gratfully recieved by most of them, usually with few questions asked if either it is not suspicious or if put over in the right way (like "my partner is cheating on me can you help me get into their computer to get the dirt on them").
Alternativly simply look on it not as money but "drugs" and not as students but "potential addicts". Then think of all the techniques "pushers" use to get people of that age hooked on drugs. I am fairly certain that more than the odd one or two would get roped in by this sort of activity.
So are they being "sponsored" or are they being "hooked". I guess it's a matter of your outlook and the semantics you wish to use based on the same partial view of the facts.
"The aura of rebellion the name conjured up helped criminals ensnare children as young as 14, suggested the study."
"Oh Please..." This has been true for centuries, with magic, making fireworks/explosions, lock picking, safe cracking, codes, building crystal and valve radio sets and other "rabbit out of the hat" stuff. David Khan had a section in his book *The Code Breakers" about this which was published over 40 years ago.
About 30 years ago it was electronics and building your own computer from TTL chips (74181 if you could afford it) and using such things as mechanical "telephone dials" to generate pulses to program shift registers to get data into parellel form.
I know I got into this at school partly from a Physics master who got fed up with having to talk to me about my bad habit of swaping locks from bike to bike for fun at lunch time. And partly from pure curiosity on my part. Imagine an old KSR teletype and 300 baud achostic coupler modem "it talked to you in a secret language". You typed up your programs onto punched tape, and if you where lucky they loaded and magicaly produced answers. You could only do this at lunch time which kept me out of trouble ;)
Then the introduction to electronics I was almost instantly hooked, can you imagine my pure joy when the "serial CPU" I had designed and built from D types Nand and Exor gates worked, and added up two sixteen bit numbers (yup 8 bit had been done in the SCMP processor ;). Even the head master looked impressed on parents day (ego food, it was a feast ;)
Software is todays "Magic" of the kind Arther C Clark spoke of.
Put simply all boys of a curios and inquisitive nature are going to be drawn to this like a moth to a flame or a bear to honey. Amoungst other things it gives the less physicaly developed ones a degree of security against the knuckle heads in their school and area they live.
"By trawling websites, bulletin boards and chat rooms that offer hacking tools, cracks or passwords for pirated software, criminal recruiters gather information about potential targets."
Many very unplesant people are known to do this to children both girls and boys for their own "unplesant needs" and there are countless initiatives to catch them. So why (in a journos mind) would it be that unexpected for a "for money" criminal to use the same technique?
Personaly I have my doubts on this one, I suspect the "for money" criminals know the risks and are actually not using this kind of "recruiting techique". Possibly it is some of the "unplesant need" criminals using the story line as "new bait on the hook" or only somebodies speculative (/sensationalist) thought... I would need to see some real significant data on this one to be anything other than doubtfull.
"Once identified, young hackers are drawn in by being rewarded for carrying out low-level tasks such as using a network of hijacked home computers, a botnet, to send out spam."
This is a script kiddie lure that has been seen for some time and is almost as old as Cracking, Where do people think "L33t" talk comes from, it is indicative of adolescents and their need to "big it up" infront of their peers to establish status and gain inclusion into what in their eyes is an "elite group". With it's "secret communications", "coded talk", "forbiden knowledge" and "brownie points" to be gained and swapped, pluss joy of joys the ability to "look down on" and "rubbish" others, it's an almost iresistable lure.
Now the interesting one,
"The low risk of being caught and the relatively high-rewards on offer helped the criminal gangs to paint an attractive picture of a cyber criminal's life"
Now that one does not ring true with adolescents of the type that might be usefull to criminals.
I suspect that they don't use "a cyber criminal's life" as an example it would be "nah-kred" (or "uncool" if you are over twenty ;) to most adolescents. No they would be more interested in basic "ego stroking" and inclusion into what they see as an "elite group" and more importantly the mistique of a secret society and it's". As most parents know untill they become "older teens" they have no real understanding of money. If I was going to hook a young teen I would use "ego objects" such as games stations and computer hardware, either "on loan" or by "hey I have found this real great deal on ebay" and when showing it to them if their eyes light up say "hey you helped me out the other day here have it as a thank you".
So do I agree with Bruce and his,
"But I'm not sure if stories like these help or hurt"
Both it depends again on your perspective, "sensationalisum" help journos/hacks get stories by their jaded editors. Likewise it also gets people to read about technology (whilst unfortunatly thinking other thoughts) so that partly covers the "help" aspect.
However the one thing we do know about "joe public" he has the attention span of a gold fish when things go right and carps like crazy when they don't. Joe also has a tendency when floundering to blaim that that he does not understand as it is easier (and oh do some computer support people encorage this kind of ignorance). The end result Joe like any other fish out of water does not get to see the real world. And in all likley hood will develop a very distorted and short sighted view of what technology can do.
So poor old joe will not be helped at all just titilated and confused (I guess that covers the hinder part).