Would you employ a hacker or malware writer?
Microsoft has pointed the figure at a Russian antivirus outfit's former technical expert, claiming he was the brains behind the Kelihos spam botnet. Davey Winder is prompted to ponder whether it's ever advisable to hire a former hacker or malware author...
(DISCLAIMER: Neither IT Pro nor Davey Winder is suggesting that the technical expert allegedly behind the Kelihos. botnet was working for the Russian antivirus company while operating the botnet, nor that the company knew of his criminal interests)
COMMENT:I was in Eastern Europe recently, visiting the HQ and research labs of security vendor ESET. While there I asked some awkward questions of the ESET CEO and CIO. Thankfully, I had them in a Bratislavan board room from which they could not easily escape.
I never hacked for money, just for fun and out of curiosity.
My line of questioning included one about whether they thought that being from that part of the world presented a perceived trust issue amongst Western European customers some of whom may associate the area more with security problems than security solutions.
The answer was - quite correctly in my opinion - that the Eastern Europe association hadn't appeared to have done one Mr Eugene Kaspersky any harm. The answer to my other awkward question 'would you employ a hacker or malware writer?' was met with an equally straightforward 'no.'
However, I am not convinced that this is always the correct answer.
First things first, the AA moment... My name is Davey Winder and I used to be a hacker. Yep, it's true. Although I am now a fairly well respected security journalist and small business consultant, back in the day (and the day in question would have been 20 years ago now) I used to hack into mainframes and networks that didn't belong to me in order to find out how they worked. I never hacked for money, just for fun and out of curiosity.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
It was, if we are to be completely honest here, my education as far as IT security was concerned. Not that 20 years ago there was much in the way of security to overcome, especially if we are talking about the online world.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.