Like many, I spent a couple hours a week ago watching The Avengers. Not to give away much, but in the movie, a shadowy "world security council" is arguing with Nick Fury (Samuel Jackson) regarding whether it is wise to entrust the fate of the world to a handful of unstable individuals (the titular Avengers).
A council member remarks, "This is out of line, Director. You're dealing with forces you can't control."
Fury responds, "You ever been in a war, Councilman? In a firefight? Did you feel an overabundance of control?"
Unconvinced, a council member retorts, "We're running the world's greatest covert security network and you're gonna leave the fate of human race to a handful of freaks."
Fury counters, "These people may be isolated, unbalanced even, but I believe with the right push they can be exactly what we need."
Sure enough, the Avengers assemble and they end up saving the USA.
That exchange essentially applies to a challenge the US government currently faces, and it indicates why we may have to turn to so-called black hats -- unstable "freaks" -- if we hope to protect our free enterprise and government networks from a vicious cyber-threat.
In many ways, the Internet is still like the Wild West. With the proper skills, one individual is capable of tremendous damage -- literally becoming a cyber-superhero or supervillain, depending on your perspective.
China, a country cited by US government sources as responsible for stealing "a great deal" of US-based intellectual property,
recognizes the value of the black hat hacker community. US intelligence has indicated that the Chinese recruit heavily from hacker ranks, tolerating their actions and paying them well for successful theft of US defense secrets and intellectual property.
But the US and its European allies, in the midst of being steamrolled by China, are imprisoning many talented black hats. For example, the members of LulzSec -- the mischievous hacking collective that rocked the online world with their intrusions and hacks of Sony in 2011 -- sit in prison, facing potential sentences ranging from a couple of years to a couple of decades.
The US could take such captured black hats and turn them into unwilling operatives. And with the proper pressure -- good cop (promise of "NFL money" for successful hacks on Chinese networks) and bad cop (threats of prison time) -- these supervillains could be turned into superheroes, protecting the US and launching successful counteroffensives against China and other countries intent on cyber-espionage.
As it stands now, if US intelligence and the DOD are to be believed, the US is essentially in an open cyberwar with malicious Chinese hackers. These hackers are largely black hats and hence do not play by the rules. This is an unwinnable war for the US if it continues to rely on "green" IT professionals -- four-year-college-degree types.
The US needs to turn to its black hats and find ways to convince them to fight for the cause rather than throwing them to rot in prison.
Are these individuals unstable? Of course. Do they need to be carefully monitored by intelligence? Absolutely. But by many accounts, this is a desperate time for the US in terms of cybersecurity. And desperate times call for desperate measures. Just ask Nick Fury.
True, but OBL was a well known fundamentalist extremist. I wouldn't suggest recruiting the truly nut-job (pardon the un-PC term) hackers like Gary McKinnon.
I would focus on individuals who were deemed sane, if a bit unruly, e.g. the Kevin Mitnicks of today's generation.
Those individuals morals and sentiments might not line up precisely with U.S. NIA, but at least they are principled on some level and aren't going to tend towards extremely unpredicatable psychosis.
There are potential benefits to this, and potential drawbacks. Depends on the stability/reliability of the "assets" you choose to use. One of the bad examples from the U.S. past is Osama bin Laden. He was funded by the U.S. when the Russians invaded Afghanistan, and then he turned on the U.S. Beware the company you keep.
In truth, anyone can turn out unstable. People can surprise you that way. Really the Avengers were good buys even if some of them may have had a shady past. The only Avenger who was truly unstable was the Hulk, but you're supposed to suspend your disbelief about how an ungovernable force can be channeled when needed. A closer to analogy to hackers would be someone like Frank Abagnale Jr.'s, the subject and author of Catch Me if You Can. Having proven so successful at breaching security, he became a consultant.
Hey Mashka, I agree that a hacker is not a superhero by default. I do contend that a good quality hacker has skills that can be useful in fighting hacking, or of other significant uses by Uncle Sam or even private enterprise.
I see the point of the post authors reference to the Avengers, but do not ascribe superhuman skill to hackers.
@Jason, avoiding the comic hero metaphore, I for one agree with the spirit of your blog... It makes perfect sense to hire the people with, not only the skills, but the mindset also, posessed by a "hacker mentality"
The thing is, when you consider whom they're trying to catch -- bad guys -- it makes sense that you want to hire other unstable individuals to catch them. How stable are most bad guys? How successful is a good guy going to be at thinking like a bad guy?
Really, the term we should be using is lawful vs. chaotic; you can still be chaotic good. (Captain America, of course, is lawful good. The Hulk....well....)
It goes the other way, too. Companies fire white hats because they're afraid they'll turn into black hats. Anybody else remember Dan Farmer and Satan? He developed the ultimate tool for finding weaknesses in a computer system -- with the intention that someone could then fix them, but if the tool got out into the wild, it would have been the ultimate hacking tool. I was a friend of Dan's at the time and I am positive he developed it with only good intent, but SGI got cold feet and fired him. And there's plenty of other examples of people who brought security issues to the attention of the powers that be and got fired or expelled for it.
Well he was also a person IRL, unless you subscribe to the "matrix within a matrix within a matrix", which some believe.
Some have argued that the machines simply let the people rebel in a second "real world" matrix, which they thought was real to control them. It's an interesting theory.
But yea, Neo is a lot like a good guy version of Braniac.
Being a hacker doesn't mean to be a super hero. I meant some kind of superpower that can rule the computers for example. Now , it came to my mind, that Neo might be some kind of that type of a hero, on ther other hand, he was just another programm, wasn't he?;)
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Whether you’re an engineering firm that uses CAD for parts design, or an e-business that leverages Photoshop for user-interface graphics, you likely require a modest graphics-processing unit. In the old days, this was a daunting hurdle to innovation, but today, the situation has improved thanks to technologies like NVIDIA’s GRID and Microsoft’s RemoteFX. Such virtualized graphics protocols allow you to load-balance graphics-intensive workloads from virtual desktops on a server-side graphics card.
Take a trip down memory lane and imagine, if you will, a system-on-a-chip with Apple IIe-like specs -- 4KB of RAM and 32KB of flash. Add some modern niceties like an ARM Cortex-M0+ 32-bit pipeline, 12-bit DAC, and low-power UART, and you have Freescale's recently unveiled Kinetis KL02, which the company calls "the world's smallest ARM Powered MCU."
Recent reports from the NPD, IDC, and Gartner suggest the end is nigh for ye olde personal computer. They imply that 2017 will be the magic year tablet sales will surpass PC purchases.
From “feeling blue” to the “blue screen of death,” the color blue has a number of negative associations. So it might seem an odd moniker for Microsoft to choose as the code name for its new operating system. But that’s exactly what the world’s top operating system maker has done.
US counterterrorism expert Richard Clarke, who came to prominence with his prescient warnings before the 9/11 attacks, tells Smithsonian Magazine the US was responsible for the Stuxnet supersmart worm that attacked parts of nuclear reactors in Iran – and in the process, has given away one of the world's most sophisticated cyberweapons.
It wouldn't be the first time, but a group of Chinese engineers has proposed a means by which the Internet's root could be split, enabling secondary, independent networks that could be government-controlled. The Internet's root security committee is taking such proposals seriously.
Law enforcement agencies are poised to use iPhones as facial recognition systems in the coming months. The technical advance promises efficiency but has created a backlash among civil liberties proponents.
Is China a threat because it censors US sites, or could it be that the country might have an economic formula that will out-innovate us on the Internet that we invented?
Cyber Warfare may be the next frontier for tactical hacking. It has already reared its head in Estonia, Russia, and Georgia, and some say it has been used by North Korea, China, and other world powers. The implications and the potential are both fascinating and scary.
The FBI recently issued a warning to smartphone users, highlighting two mobile malware applications: Loozfan, which steals personal information, and FinFisher, which is spyware that takes over a smartphone's functions.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The automotive website uses propensity modeling to target ads and customer registration forms, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Email This
