Imagine a 19-year old hacker who goes by the pseudonym Solid Hybrid. Solid, as her hacker friends call her, is a legend on the secret message boards and web sites where hackers communicate. She’s broken into a major bank undetected. She’s stolen credit card numbers without being caught. There are even rumors that she got into the Pentagon’s servers without being discovered.
Solid hardly seems like the most trustworthy individual. But she has exactly the type of skill set needed by DOD as the cyber war between the United States, Russia, China and other countries, as well as private individuals, rages on with no end in sight.
In March, Defense Secretary Chuck Hagel announced that DOD would add 6,000 warriors to the Pentagon’s cyber unit, tripling its size by 2016, to fight this war. Hagel also accounted that DOD would invest $5 billion in 2015 to bolster cyber defenses.
The Department of Defense is on its way to building a modern cyber force," Hagel said. He then admitted that DOD’s capabilities are behind those of its adversaries, saying that DOD’s reliance on the Internet “outpaces our cyber security.”
“DOD will maintain an approach of restraint to any cyber operations outside of U.S. government networks. We are urging other nations to do the same," Hagel said.
Hagel’s announcement comes at a perilous time. The United States and China are in what amounts to a cyber Cold War, and the Pentagon is falling behind; China already has legions of hackers who have been training since they were young. It also comes in the wake of the Edward Snowden debacle, an incident that showed that U.S. state secrets can be stolen by low-level contractors with a vendetta against the way the DOD, CIA or the NSA do business.
To create this force, Hagel is going to have to convince hackers like Solid Hybrid that working in government is the right choice. This is going to be difficult, because as a seasoned hacker, Solid has a lot of options, some of them quite lucrative.
- Go to work for the Pentagon, accepting less pay than she would in the private sector. But she’d have access to some of the most cutting edge technology in the world.
- Work for a private contractor that works for the Pentagon. She’d make more money this way, but she would be hamstrung by the inevitable restrictions imposed as a result of the Snowden affair.
- Work for a large company or financial institution, safeguarding its secrets and preventing attacks. She could also work for a private cyber security firm like TDI that provides these services to private companies. In either of these jobs, pay would be outstanding.
- Continue to be a freelancer by farming her services out to various criminal enterprises - the Russian mob is hiring - while making boatloads of money. The downside is that your employers are criminals and you could end up in jail. But hackers don’t become hackers because they like rules.
Even if DOD recruiters could hire a hacker like Solid into its ranks, Snowden’s long shadow could drive her out. She would be under constant scrutiny, not only while working for DOD or a DOD contractor, but if she left government work for private industry; she would be taking the government’s secrets with her.
Jerry Ferguson, co-Leader of Baker Hostetler's national Privacy and Data Protection team, says the government has to rely on private contractors because of compensation limits within the federal government.
“One of the issues that the Snowden event raises and illustrates is the heavy reliance that the Defense Department has historically placed on private contractors in building its cyber army” Ferguson said. “There’s a practical reason for this; private industry can pay more than government pay scales often permit.”
“The reality is that the people who have the skill sets needed by a cyber warrior….the people with those skill sets are highly in demand by private industry, Ferguson added.
Ferguson said that the challenge of safeguarding military secrets is now a new one; during World War II, the phrase “Loose Lips Sinks Ships” was used to remind soldiers of the importance of secrecy. He said that in the wake of Snowden, he was comfortable that the military and intelligence agencies would find ways to keep bad apples from using their tech savvy to exploit government vulnerabilities.
“These are not new issues for the military. When you’re relying on an outsourced army, there are additional concerns about the access controls in place within an institution,” he said. “The government has a pretty good apparatus in place. Government contractors are also getting more sophisticated.”
Top Reads from The Fiscal Times