14 DAY TRIAL // Britain's national security agency, also known as the MI5, has started hiring former hackers to work at the newly created Cyber Security Operations Centre. According to local media reports, many of the new recruits are teenagers who were convicted for cybercriminal activities in the past.
The Cyber Security Operations Centre has been created earlier this year along with the new Cabinet Office of Cyber Security as part of Britain's new security strategy. The center's purpose is to intercept and analyze cyber attacks against the UK, as well as to devise methods of countering them.
Back in June, in an interview for the BBC, Lord Alan West, the parliamentary under-secretary for security and counter-terrorism, noted that, "You need youngsters who are deep into this stuff... If they have been slightly naughty boys, very often they really enjoy stopping other naughty boys."
The Daily Express reports that fifty former hackers have been hired so far to work at the Cyber Security Operations Center, and that all of them have signed the Official Secrets Act, which prevents them from discussing what they do for a living. Even though many of them are still teenagers, they are all said to have passed the same vetting process as other intelligence staff.
According to MI5's chief, Jonathan Evans, the recruits have so far identified and blocked cyber attacks originating from China, Russia and Pakistan that targeted the Whitehall network, air-traffic control systems or power stations. Apparently, the youngsters even intercepted terrorist communications from the Belmarsh maximum security prison.
However, Rik Ferguson, solutions architect at antivirus vendor Trend Micro, is not so impressed. "Perhaps I am being naive here, but why on Earth are convicted terrorists being allowed access to technology that allows them to send (one would assume) encrypted messages from prison?" he asks.
The security researcher does not approve with the government's approach and considers that, "It is entirely unacceptable that our security services and our government are broadcasting the message that the only qualification necessary for a job in MI5 is being a hacker (one bad enough to have got caught). People who have been found to have broken the law should not be allowed to profit from their misdeeds especially by way of an employment offer in the very field of their criminal activities." Mr. Ferguson stresses that this is his personal opinion as a security professional and not that of Trend Micro, the company he works for.