January 29, 2013
As the Pentagon seeks to vastly expand its cyber warfare efforts, experts and hackers warn that hackers who have the skills to wage this war are not a good fit for America’s straight-laced military culture. In short, potential soldiers in cyber warfare break the military mold.
The Defense Department’s Cyber Command plans to add up to 4,900 workers in the coming years. But to fill these positions, the Pentagon will have to tap into an odd recruiting pool: people known more for their distrust of authority and for their belief in open information than their commitment to protecting the country, according to Todd Harrison, a senior fellow for defense budget studies at the Center for Strategic and Budgetary Assessments.
Recruiting is a “hard thing to do, given the career paths of hackers and the military,” Harrison said. “The typical military career path, in which it takes years to advance, isn’t going to seem very attractive to the hacker. In the software world, you can be CEO of a billion dollar company when you’re in your twenties.”
“There are a lot of things about military culture that may not be attractive to these real hacker types,” Harrison added.
In fact, a group of hackers has recently made the U.S. government one of its targets. As revenge for the suicide of Internet activist Aaron Swartz, who was facing up to 30 years in prison for illegally downloading academic papers, the powerful hackers group Anonymous last week threatened to attack the Justice Department’s network.
Harrison said that the fast-paced nature of cyber warfare – hackers constantly need to find new ways to beat security, making techniques that work today useless in a matter of months – would only complicate recruitment efforts.
“You constantly need to be recruiting 22 year olds,” he said. “If you’re in your 30s you’re too old.”
This would leave people with expertise in cyber warfare, as well as with years of access to highly classified information, without work. At the very least, these redundant workers pose a possible security risk.
A person who would only be identified by his hacker name, Chris Illusion, spoke with The Fiscal Times via Skype on Tuesday. He runs a Web site called HackCommunity.com, which claims to be “the best ethical hacking forum.” Chris said only legal hacking methods are allowed to be discussed.
Chris, who said he was speaking from the Czech Republic, said forum participants were posting about the Pentagon’s announcement in recent days. But he said he doubted many would be interested in working for the Pentagon or the federal government.
“I've heard quite a lot about the United States trying to fight the cyber crime,” he said. “Generally our [hackers] society knows about these attempts to catch the bad guys, but very few have interest in joining them.”
Chris added that he didn’t think the U.S. government could locate the hackers who are capable of penetrating military systems. He said these hackers operate in secret forums that are extremely difficult to penetrate.
“The real bad people that do all these huge bugs operate in private,” he said. “It's really, really difficult to get there. I don't believe that the government could get to them.”
However, Harrison said not to underestimate the current capabilities of America’s cyber army compared to cyber operations in countries like China and Russia. Few details are known about what the group actually does. On rare occasion, success stories like the infiltration of an Iranian nuclear facility are leaked.
“It’s a big question mark,” he said, referring to U.S. cyber warfare proficiencies. “I wouldn’t be quick to assume we’re behind.”