Would you employ a hacker or malware writer?

Microsoft has pointed the figure at a Russian antivirus outfit's former technical expert, claiming he was the brains behind the Kelihos spam botnet. Davey Winder is prompted to ponder whether it's ever advisable to hire a former hacker or malware author...

(DISCLAIMER: Neither IT Pro nor Davey Winder is suggesting that the technical expert allegedly behind the Kelihos. botnet was working for the Russian antivirus company while operating the botnet, nor that the company knew of his criminal interests)

COMMENT:I was in Eastern Europe recently, visiting the HQ and research labs of security vendor ESET. While there I asked some awkward questions of the ESET CEO and CIO. Thankfully, I had them in a Bratislavan board room from which they could not easily escape.

I never hacked for money, just for fun and out of curiosity.

My line of questioning included one about whether they thought that being from that part of the world presented a perceived trust issue amongst Western European customers some of whom may associate the area more with security problems than security solutions.

The answer was - quite correctly in my opinion - that the Eastern Europe association hadn't appeared to have done one Mr Eugene Kaspersky any harm. The answer to my other awkward question 'would you employ a hacker or malware writer?' was met with an equally straightforward 'no.'

However, I am not convinced that this is always the correct answer.

First things first, the AA moment... My name is Davey Winder and I used to be a hacker. Yep, it's true. Although I am now a fairly well respected security journalist and small business consultant, back in the day (and the day in question would have been 20 years ago now) I used to hack into mainframes and networks that didn't belong to me in order to find out how they worked. I never hacked for money, just for fun and out of curiosity.

It was, if we are to be completely honest here, my education as far as IT security was concerned. Not that 20 years ago there was much in the way of security to overcome, especially if we are talking about the online world.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
SolarWinds hackers hit Malwarebytes through Microsoft exploit
hacking

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021