The UK army of cyber reservists is open to the idea of hiring convicted hackers into its ranks.
The new head of the Joint Cyber Reserve Unit, Lieutenant Colonel Michael White, told BBC Newsnight that applicants would be assessed on their skills and capabilities, rather than personality traits or past histories.
Asked whether he would be open to hiring criminally convicted hackers who had the right skills he responded positively. "If they could get through the security process, if they had the capability that we would like, and if the vetting authority was happy, then why not," Lieutenant Colonel White said.
Defence Secretary Philip Hammond said that Britain that simply building defences was not enough and "Britain would build a dedicated ability to counterattack and if necessary to strike in cyberspace" at the launch of the Joint Cyber Reserve Unit. The armed forces as a whole did not have an “absolute bar” on recruiting former criminals. Hammond said that "former hackers would be assessed on a case-by-case basis," The Independent reports.
David Emm, senior security researcher at Kaspersky Lab, said that the openness to hire hackers to the ranks of a kind of a geek version of the territorial army might address a short term skills shortage but said that hitting people who had proved themselves to be "motivated by money and misplaced ideals" was a risky strategy, at best. Emm emphasised the importance of training up a next generation of cyber fighters, starting in schools.
“The news that the UK Cyber Defence Unit is considering hiring convicted hackers has caused many people to voice their concerns about the ethical and security implications of employing those with a criminal past to protect the country’s most sensitive information. Those who have previously worked for the ‘dark side’ of the code-breaking fraternity are often motivated by money and misplaced ideals, and therefore expecting them to switch sides, and remain there is unrealistic.”
Emm added: “However, this development does highlight the problem of a skills shortage and the lack of talent outside the criminal community to tackle serious cyber-attacks facing the country. This is why it is so important to encourage the next generation to study, and become expert on, security-related issues so they can be the ones to fight sophisticated cyber-threats in the future.
"The government has recognised this and it is why it wants to make significant changes to the Computing element of the new National Curriculum: a move away from simply using the technology to understanding how it works.”
“As attempts to undermine governments and attack national infrastructure increasingly move online, it is imperative that the National defences are prepared to face these attacks head on, employing people with the necessary skills to block them.”
However hackers are often anti-establishment and have an antipathy towards the authorities that's only growing because of the Snowden controversy. They may no have any desire to work for the government. Asked whether he'd be interested in preventing threats to the national security, former LulzSec member Mustafa Al-Bassam (Tflow) told the BBC Newsnight team he wouldn't be keen on such a job.
"For me that would be in poor taste," Al-Bassam sad. "I can understand the need for a government to protect itself… but when you go ahead and stamp on people's civil liberties as we've seen with all the stories about mass surveillance we've seen in the past year then you can rest assured that you're going to repel tonnes of people."