Feeds

UK.gov open to hiring EX-CON hackers for cyber reserves

Justice League or Rogues Gallery?

The Power of One eBook: Top reasons to choose HP BladeSystem

The UK army of cyber reservists is open to the idea of hiring convicted hackers into its ranks.

The new head of the Joint Cyber Reserve Unit, Lieutenant Colonel Michael White, told BBC Newsnight that applicants would be assessed on their skills and capabilities, rather than personality traits or past histories.

Asked whether he would be open to hiring criminally convicted hackers who had the right skills he responded positively. "If they could get through the security process, if they had the capability that we would like, and if the vetting authority was happy, then why not," Lieutenant Colonel White said.

Defence Secretary Philip Hammond said that Britain that simply building defences was not enough and "Britain would build a dedicated ability to counterattack and if necessary to strike in cyberspace" at the launch of the Joint Cyber Reserve Unit. The armed forces as a whole did not have an “absolute bar” on recruiting former criminals. Hammond said that "former hackers would be assessed on a case-by-case basis," The Independent reports.

David Emm, senior security researcher at Kaspersky Lab, said that the openness to hire hackers to the ranks of a kind of a geek version of the territorial army might address a short term skills shortage but said that hitting people who had proved themselves to be "motivated by money and misplaced ideals" was a risky strategy, at best. Emm emphasised the importance of training up a next generation of cyber fighters, starting in schools.

“The news that the UK Cyber Defence Unit is considering hiring convicted hackers has caused many people to voice their concerns about the ethical and security implications of employing those with a criminal past to protect the country’s most sensitive information. Those who have previously worked for the ‘dark side’ of the code-breaking fraternity are often motivated by money and misplaced ideals, and therefore expecting them to switch sides, and remain there is unrealistic.”

Emm added: “However, this development does highlight the problem of a skills shortage and the lack of talent outside the criminal community to tackle serious cyber-attacks facing the country. This is why it is so important to encourage the next generation to study, and become expert on, security-related issues so they can be the ones to fight sophisticated cyber-threats in the future.

"The government has recognised this and it is why it wants to make significant changes to the Computing element of the new National Curriculum: a move away from simply using the technology to understanding how it works.”

“As attempts to undermine governments and attack national infrastructure increasingly move online, it is imperative that the National defences are prepared to face these attacks head on, employing people with the necessary skills to block them.”

However hackers are often anti-establishment and have an antipathy towards the authorities that's only growing because of the Snowden controversy. They may no have any desire to work for the government. Asked whether he'd be interested in preventing threats to the national security, former LulzSec member Mustafa Al-Bassam (Tflow) told the BBC Newsnight team he wouldn't be keen on such a job.

"For me that would be in poor taste," Al-Bassam sad. "I can understand the need for a government to protect itself… but when you go ahead and stamp on people's civil liberties as we've seen with all the stories about mass surveillance we've seen in the past year then you can rest assured that you're going to repel tonnes of people."

Designing a Defense for Mobile Applications

Next page: Agents of SHIELD

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.