RSA Conference: Is hiring hackers a new thing?

RSA Conference: Is hiring hackers a new thing?

Once considered outlaws and trouble makers, hackers have now gone mainstream. And not just mainstream, but actively sought for employment by leading intelligence and law enforcement agencies globally.

As discussed during the recent RSA Conference, experts are recommending that the United States hire at least 10,000 experts over the next several years. The same experts believe that private enterprise will need more. Many of the jobs are in defense but there is a growing need for people who can hack into complicated networks used by governments and major corporations.

NSA

Enter the National Security Agency (NSA). The very agency which exposed by Edward Snowden, a hacker, is now offering a new “cyber-ops” program in selected colleges in the nation. Attracting hackers, which is part of President Obama’s national initiative to improve cyber security, aims to prep students for careers within the NSA’s SIGINT (signals intelligence) operations center as well as law enforcement agencies tasked with investigating cybercrimes.

The philosophy behind the NSA practice makes sense to many observers within the cyber world. It takes a hacker to catch a hacker and the things that sophisticated hackers know can’t be taught at MIT or formal law enforcement training.

FBI 

The Federal Bureau of Investigation is also jumping on the employment bandwagon and is seeking college students who want to join the agency and become “cyber special agents.” An article posted on the FBI website describes the kind of role it’s looking to fill. The organization seeks people with experience in programming, malware analytics and even something called “ethical hacking.”

The agency’s website holds a list of preferred degrees and work experience desired. The list shows that the FBI is looking for people with experience working with Apple and Microsoft equipment.

Knowing computer programming though isn’t enough to satisfy the FBI’s requirement. Applicants have to be over 23, but less than 37 and they have to pass a background check.  Maybe something hard to do for a computer hacker.

Even with screening, there have been some problems and drawbacks.

Iceman 

Take the story of Max Ray Butler, aka “Iceman.” Convicted in 2009 on two counts of wire fraud, Iceman was caught stealing millions of credit card numbers and selling them online.

Iceman was finally captured, and then employed, by the Federal Bureau of Investigation as an informant assigned the task of identifying other hackers. While still working, undercover, for the FBI, Iceman started giving up all kinds of names. When the agency began looking into the names, the federal agents couldn’t find anyone named by Iceman.

Turns out Iceman was doing all the hacks himself.

Christopher Rouland

Rouland, caught hacking into the Pentagon was recruited by federal authorities to work as a member of the Pentagon’s cyber security division. In 2008, Rouland started his company, Endgame Systems. Publicly, Endgame Systems provided a service that allowed security professionals to monitor known threats in real-time. However, Endgame was also busy providing cyber capabilities to other hackers that could take down entire regions of online infrastructure including airports.

Bloomberg Business, in a 2011 article, stated that Endgame even provided package deals to hackers who wanted to take out multiple parts of the world.

If a person wants to hire a hacker privately though, and not part of a government agency, are there options?  Turns out there are.

Hired Gun 

Manpower, Labor Ready and Kelly’s are just a few of the well-known temporary employment agencies in America. They’re great for short term warehouse help or administrative assistance, but if you want to hire a hacker, you’ll have to look elsewhere.
Read More

Blog anglais, Conseil de carrière, Cyber Crime, La cyber-sécurité