Convicted computer
hackers could be recruited to the UK's cyber defence force if they pass
security vetting, the head of the new unit has said.
Recruitment would be
focused on "capability development" rather than "personality
traits", he added.
The Joint Cyber
Reserve Unit was announced by the government in September.
Under the £500m
initiative, the Ministry of Defence (MoD) is set to recruit hundreds of
reservists as computer experts to work alongside regular armed forces.
The unit will defend
national security by safeguarding computer networks and vital data, and it will
also launch strikes in cyberspace if necessary.
It is hoped the move
will address the shortage of people with the technological skills and knowledge
to protect corporations, the military, and government systems from cyber
attacks.
'Civil
liberties'
The MoD said the
recruitment, which started in early October, would target regular personnel
leaving the armed forces, current and former reservists with the required
skills, and civilians with the appropriate technological knowledge.
When asked by
Newsnight whether someone with the right skills would be ruled out if they had
a criminal record for hacking, Lt Col White said: "I think if they could
get through the security process, then if they had that capability that we
would like, then if the vetting authority was happy with that, why not?
"We're looking at
capability development, rather than setting hard and fast rules about
individual personality traits."
Defence Secretary
Philip Hammond unveiled plans for the cyber defence unit last month.
Mr Hammond also told
Newsnight he could foresee circumstances in which convicted hackers could be
employed.
"Each individual
case would be looked at on its merits," he said.
"The conviction
would be examined in terms of how long ago it was, how serious it was, what
sort of sentence had followed. So I can't rule it out."
But one former hacker
told Newsnight the government had already undermined its chances of attracting
talented individuals.
Mustafa al-Bassam, now
a computer science student at King's College London, was the youngest hacker in
the Lulzsec group - which recently targeted organisations such as the FBI in
the US and Britain's Serious Organised Crime Agency (Soca) in a 50-day hacking
campaign.
He told that
revelations by former US contractor Edward Snowden about the extent of mass
surveillance carried out by intelligence agencies - including the US' National
Security Agency (NSA) and Britain's GCHQ - had dissuaded him from using his
cyber skills to protect UK national security.
"I can understand
the need for a government to protect itself, but when you go ahead and stomp on
everyone's civil liberties - as we've seen with all the mass surveillance
stories that have been out over the past year - I think you can rest assured
that you're going to repel talented people," he said.
'Industrial
scale' attacks
Dr David Day, a
Sheffield Hallam University computer forensics expert who provided evidence for
Mr Al-Bassam's conviction, told Newsnight it was a "terrible shame"
someone convicted of malicious hacking would find it difficult to get a job in
the industry.
"If they have
those abilities and those skills, then some of the best talent we can't
use," he said.
Cyber attacks and
crime have become more common in recent years.
In July, it emerged
Britain was seeing about 70 sophisticated cyber espionage operations a month
against government or industry networks,
GCHQ director Sir Iain
Lobban said business secrets were being
stolen on an "industrial scale".
And in a written
statement in December last year, Cabinet Office Minister Francis Maude said 93%
of large corporations and 76% of small businesses had reported a cyber breach
in 2012.
0 comments:
Speak up your mind
Tell us what you're thinking... !