[Infowarrior] - Cyber security minister ridiculed over s'kiddie hire plan

Richard Forno rforno at infowarrior.org
Mon Jun 29 12:56:51 UTC 2009 

Cyber security minister ridiculed over s'kiddie hire plan

http://www.theregister.co.uk/2009/06/29/cyberminister_gaffe/

By John Leyden • Get more from this author

Posted in Crime, 29th June 2009 12:36 GMT

Security experts have strongly criticised suggestions by a government  
minister that former hackers might play a key role in Britain's newly  
announced cybersecurity strategy.

Lord West, the Home Office security minster, made the controversial  
suggestion that the government had recruited former hackers to work in  
its new Cyber Security Operations Centre, a key components of the UK  
government’s cybersecurity strategy announced last week.

West told the BBC that the government had avoided employing "ultra,  
ultra criminals" but needed the mad skillz expertise of former  
miscreants.

"You need youngsters who are deep into this stuff… If they have been  
slightly naughty boys, very often they really enjoy stopping other  
naughty boys," he said.

Rik Ferguson, a security consultant at Trend Micro, and someone who  
has worked wth GCHQ, described the idea of hiring reformed hackers to  
face off state-sponsored cyberspies and cybercriminals from eastern  
European as misguided at best in an entertaining blog post here.

     The government has actually hired a team of people known to have  
committed criminal acts using computers and is rewarding them for that  
activity with civil service jobs. It is also giving these same  
criminals access to signals intelligence at extremely high levels of  
clearance and relying on them for national defence.

     This sounds like the kind of people that have been disparagingly  
referred to as script-kiddies for many years now and I really can’t  
see their value to national security or law enforcement. Would it be  
fair to paraphrase this as "We have hired some hackers, but don’t  
worry, we didn’t hire the successful ones"?

Ferguson goes on to ask how the active recruitment of known hackers  
and criminals squares with the government's stated aim of pursuing an  
ethical cyber-security policy.

Chris Boyd, a security researcher at FaceTime, agrees that Lord West  
is talking tosh in a post on Twitter. Boyd writes: "Lord West sez:  
hire lots of talentless script kiddies to shore up UK cyberdefences.  
How can people be so dense?"

Lord West popped up in numerous news outlets last week suggesting the  
he didn't really trust this new fangled interweb and is worried about  
carrying about a smart phone near his Hackney home in case it might  
get nicked (hello encryption, backup) while, curiously, in  
conversation with Radio 4, suggesting (under tough questioning) the  
proactive cyber-offensives played a role in the Falklands War of 1982.  
As Ferguson points out the war in the south Atlantic happened a year  
before the first TCP/IP based wide area network became operational.

Confusion about technical terms in a former Naval chief turned  
government minister is one thing but it's far more of a worry for  
someone chosen to serve as the UK's first cyber security minister. ®

More information about the Infowarrior mailing list