Hackers recruited to help fight against cybercrime

Click to follow
The Independent Online

Reformed computer hackers are being recruited by the Government to defend Britain from international crime gangs and terrorists plotting cyber attacks on the country.

With internet fraud costing billions of pounds a year and Whitehall computer systems facing repeated assaults from abroad, ministers are hiring hackers to protect state secrets.

A new "cyber security operations centre" at GCHQ in Cheltenham will monitor attempts, many orchestrated from abroad, to infiltrate the national computer network.

Lord West of Spithead, the Security minister, conceded that the Government wanted to staff the unit with younger people who had unconventional – and not strictly legal – talents.

He promised that GCHQ would not recruit any "ultra, ultra criminals", but admitted that the posts required the expertise of former "naughty boys". Lord West, announcing details of a new national security strategy, said: "We need youngsters who are absolutely into this stuff. If they have been naughty boys, quite often they enjoy stopping other naughty boys."

The Government believes that the biggest online threat comes from hackers in foreign states such as China and Russia. The second biggest threat is from organised criminals.

Officials said they were not aware of any important information being stolen from government computer systems, but warned that there were cases of large British companies falling victim to industrial espionage. British Telecom alone foils 1,000 attempts to hack into its computers every day.

The risk from al-Qa'ida and other terror groups – which use the internet to spread propaganda and find recruits – is thought to be lower.

But Lord West warned such groups were "learning quickly" how to mount cyber attacks: "We know terrorists use the internet for radicalisation and things like that at the moment, but there is a fear they will move down that path. As their ability to use the web and the net grows, there will be more opportunity for these attacks."

Last month, President Barack Obama announced that he was making it a "national security priority" to protect the American computer network and was setting up a "cyber security office" in the White House.

The US administration is mounting a Government recruitment drive for hackers and former cyber-criminals. One of the country's best known former hackers, Jeff Moss, was given a job inside the Department for Homeland Security, and a military-funded recruitment drive will be initiated inside American high schools to turn potential hackers into tech-savvy defenders of the state.

Cyber-crime specialists last night raised doubts over the ethics of hiring former hackers to protect the national computer infrastructure.

Greg Day, the principal security analyst at McAfee, said: "In the cyber-security industry it is perhaps legitimate to employ someone who hacks into a company's network as long as they have permission to do so. But to hire someone who has deliberately caused damage to an organisation or user without consent – that's a pretty hard sell."

Rik Fergusson, a cyber security expert at Trend Micro, said: "The security industry as a whole is dead set against the idea of giving jobs to former hackers. "It is morally wrong to reward someone for their criminal endeavours. The Government should not be rewarding teenage hackers who have committed crimes."

But computer experts believe the capability of potentially hostile governments to infiltrate British systems is increasing all the time.

In March, Canadian investigators uncovered a vast espionage network run out of China which had infiltrated 1,295 computers in 103 countries. The so-called "Gh0stnet" spying operation had resulted in the theft of documents from scores of computers belonging to embassies, foreign ministries and government offices around the world.

An enormous cyber assault was also launched on Estonia in 2007 that virtually shut down the country's entire internet network.

Russia has always denied any involvement but analysts concluded that the "denial of service" attack came from computers in Russia.

Mr Fergusson said: "In a war, every cyber service within a government would be targeted. It is no different from cutting off an enemy's supply lines to the front line."

Lord West intimated that Britain had its own online attack capability, but he refused to say whether it had been used. He said: "It would be silly to say that we don't have any capability to do offensive work from Cheltenham, and I don't think I should say any more than that."

Ilias Chantzos, the government relations director for Symantec, said the company estimated that there were at least 245 million cyber attacks worldwide each year.

"There is a saying that people often use in the industry – that hackers used to hack for fame, now they hack for fortune. The cyber-attack industry has become industrialised, professional and squarely aimed at making money for stealing information."

Baroness Neville-Jones, the shadow Security minister, said the action was "long overdue", adding: "It is impossible to know how significant these announcements are because we do not know what funding will be made available to enhance our ability to tackle cyber attacks."

The world's best-known hackers

Gary McKinnon

British UFO enthusiast and hacker currently wanted by the US for "the biggest military hack of all time".

Matthew Bevan

UFO enthusiast. Arrested in 1996 for hacking into US government computers. Not prosecuted.

Jeff Moss

Former hacker who operated as "Dark Tangent" in the 1990s. Now works at US Homeland Security.

Kevin Mitnick

Chased by FBI and media in 1990s after hacking spree. Caught, served five years. Now runs own firm.

Tsutomu Shimomura

"White hat" hacker who helped the FBI track down Kevin Mitnick after he was personally hacked by him.

Adrian Lamo

Hacked from internet cafes andleft messages about bad security. Gave himself up. Now a journalist.

Kevin Poulsen

One of America's earliest hackers, he broke into KIIS-FM's phonelines to win himself a Porsche.

Stephen Wozniak

American who began hacking telephone lines before he joined Steve Jobs and set up Apple.

Vasiliy Gorshkov and Alexey Ivanov

Two Russians convicted of stealing 50,000 credit card numbers from American banks.

Jonathan James

First juvenile jailed in US for cyber crime. Died in 2008 reportedly from self-inflicted gunshot.