Would you employ a hacker or malware writer?

Microsoft has pointed the figure at a Russian antivirus outfit's former technical expert, claiming he was the brains behind the Kelihos spam botnet. Davey Winder is prompted to ponder whether it's ever advisable to hire a former hacker or malware author...

(DISCLAIMER: Neither IT Pro nor Davey Winder is suggesting that the technical expert allegedly behind the Kelihos. botnet was working for the Russian antivirus company while operating the botnet, nor that the company knew of his criminal interests)

COMMENT:I was in Eastern Europe recently, visiting the HQ and research labs of security vendor ESET. While there I asked some awkward questions of the ESET CEO and CIO. Thankfully, I had them in a Bratislavan board room from which they could not easily escape.

Advertisement - Article continues below

I never hacked for money, just for fun and out of curiosity.

My line of questioning included one about whether they thought that being from that part of the world presented a perceived trust issue amongst Western European customers some of whom may associate the area more with security problems than security solutions.

The answer was - quite correctly in my opinion - that the Eastern Europe association hadn't appeared to have done one Mr Eugene Kaspersky any harm. The answer to my other awkward question 'would you employ a hacker or malware writer?' was met with an equally straightforward 'no.'

However, I am not convinced that this is always the correct answer.

First things first, the AA moment... My name is Davey Winder and I used to be a hacker. Yep, it's true. Although I am now a fairly well respected security journalist and small business consultant, back in the day (and the day in question would have been 20 years ago now) I used to hack into mainframes and networks that didn't belong to me in order to find out how they worked. I never hacked for money, just for fun and out of curiosity.

Advertisement - Article continues below

It was, if we are to be completely honest here, my education as far as IT security was concerned. Not that 20 years ago there was much in the way of security to overcome, especially if we are talking about the online world.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now

Most Popular


How to find RAM speed, size and type

24 Jun 2020

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020

How to connect one, two or more monitors to your laptop

29 Jun 2020