Feeds

UK.gov open to hiring EX-CON hackers for cyber reserves

Justice League or Rogues Gallery?

Secure remote control for conventional and virtual desktops

The UK army of cyber reservists is open to the idea of hiring convicted hackers into its ranks.

The new head of the Joint Cyber Reserve Unit, Lieutenant Colonel Michael White, told BBC Newsnight that applicants would be assessed on their skills and capabilities, rather than personality traits or past histories.

Asked whether he would be open to hiring criminally convicted hackers who had the right skills he responded positively. "If they could get through the security process, if they had the capability that we would like, and if the vetting authority was happy, then why not," Lieutenant Colonel White said.

Defence Secretary Philip Hammond said that Britain that simply building defences was not enough and "Britain would build a dedicated ability to counterattack and if necessary to strike in cyberspace" at the launch of the Joint Cyber Reserve Unit. The armed forces as a whole did not have an “absolute bar” on recruiting former criminals. Hammond said that "former hackers would be assessed on a case-by-case basis," The Independent reports.

David Emm, senior security researcher at Kaspersky Lab, said that the openness to hire hackers to the ranks of a kind of a geek version of the territorial army might address a short term skills shortage but said that hitting people who had proved themselves to be "motivated by money and misplaced ideals" was a risky strategy, at best. Emm emphasised the importance of training up a next generation of cyber fighters, starting in schools.

“The news that the UK Cyber Defence Unit is considering hiring convicted hackers has caused many people to voice their concerns about the ethical and security implications of employing those with a criminal past to protect the country’s most sensitive information. Those who have previously worked for the ‘dark side’ of the code-breaking fraternity are often motivated by money and misplaced ideals, and therefore expecting them to switch sides, and remain there is unrealistic.”

Emm added: “However, this development does highlight the problem of a skills shortage and the lack of talent outside the criminal community to tackle serious cyber-attacks facing the country. This is why it is so important to encourage the next generation to study, and become expert on, security-related issues so they can be the ones to fight sophisticated cyber-threats in the future.

"The government has recognised this and it is why it wants to make significant changes to the Computing element of the new National Curriculum: a move away from simply using the technology to understanding how it works.”

“As attempts to undermine governments and attack national infrastructure increasingly move online, it is imperative that the National defences are prepared to face these attacks head on, employing people with the necessary skills to block them.”

However hackers are often anti-establishment and have an antipathy towards the authorities that's only growing because of the Snowden controversy. They may no have any desire to work for the government. Asked whether he'd be interested in preventing threats to the national security, former LulzSec member Mustafa Al-Bassam (Tflow) told the BBC Newsnight team he wouldn't be keen on such a job.

"For me that would be in poor taste," Al-Bassam sad. "I can understand the need for a government to protect itself… but when you go ahead and stamp on people's civil liberties as we've seen with all the stories about mass surveillance we've seen in the past year then you can rest assured that you're going to repel tonnes of people."

Remote control for virtualized desktops

Next page: Agents of SHIELD

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.