The hiring of alleged hackers has been criticised after British intelligence services hired 50 computer-savvy hackers to work in the Cyber Operations Command.
Rik Ferguson, senior security advisor at Trend Micro, claimed that the appointment of the ‘computer-savvy hackers – some of them still teenagers' to work in the Cyber Operations Command that was recently announced as a part of the UK Cyber Security Strategy, would be untrustworthy.
Ferguson claimed that he was not complaining about young people getting jobs or about the Cyber Security Strategy in general, but was upset with the implication that only young (former) criminals have the skills required to carry out the work necessary to combat cyber terrorism.
Ferguson said: “It is entirely unacceptable that our security services and our government are broadcasting the message that the only qualification necessary for a job in MI5 is being a hacker (one bad enough to have got caught).
“People who have been found to have broken the law should not be allowed to profit from their misdeeds especially by way of an employment offer in the very field of their criminal activities. Would you hire a convicted embezzler as your accountant? How about a teenage convicted embezzler?”
The Daily Express article also claimed that ‘the hackers have also intercepted messages from terrorists in Belmarsh maximum security prison', to which Ferguson claimed: “Perhaps I am being naive here, but why on Earth are convicted terrorists being allowed access to technology that allows them to send (one would assume) encrypted messages from prison? Surely if a prisoner still poses a threat to national security, shouldn't their communications be monitored or at least restricted as necessary?”
He went on to claim it would be beneficial if, instead of inviting criminals and hackers to assist in these commendable national security endeavours, the government approached the application, network and content security communities who have been combating malicious, criminal computer and network related activity for many years.
“Please concentrate your activity on the creation of meaningful and sustainable detective and enforcement alliances with international partners,” said Ferguson.
“Involve ISPs in initiatives aimed at cleaning up the huge population of home computers already being exploited by cybercriminals. Don't waste your time telling schoolboy tales of hiring ‘naughty boys' for hi-tech derring-do."