Like many, I spent a couple hours a week ago watching The Avengers. Not to give away much, but in the movie, a shadowy "world security council" is arguing with Nick Fury (Samuel Jackson) regarding whether it is wise to entrust the fate of the world to a handful of unstable individuals (the titular Avengers).
A council member remarks, "This is out of line, Director. You're dealing with forces you can't control."
Fury responds, "You ever been in a war, Councilman? In a firefight? Did you feel an overabundance of control?"
Unconvinced, a council member retorts, "We're running the world's greatest covert security network and you're gonna leave the fate of human race to a handful of freaks."
Fury counters, "These people may be isolated, unbalanced even, but I believe with the right push they can be exactly what we need."
Sure enough, the Avengers assemble and they end up saving the USA.
That exchange essentially applies to a challenge the US government currently faces, and it indicates why we may have to turn to so-called black hats -- unstable "freaks" -- if we hope to protect our free enterprise and government networks from a vicious cyber-threat.
In many ways, the Internet is still like the Wild West. With the proper skills, one individual is capable of tremendous damage -- literally becoming a cyber-superhero or supervillain, depending on your perspective.
China, a country cited by US government sources as responsible for stealing "a great deal" of US-based intellectual property, recognizes the value of the black hat hacker community. US intelligence has indicated that the Chinese recruit heavily from hacker ranks, tolerating their actions and paying them well for successful theft of US defense secrets and intellectual property.
But the US and its European allies, in the midst of being steamrolled by China, are imprisoning many talented black hats. For example, the members of LulzSec -- the mischievous hacking collective that rocked the online world with their intrusions and hacks of Sony in 2011 -- sit in prison, facing potential sentences ranging from a couple of years to a couple of decades.
The US could take such captured black hats and turn them into unwilling operatives. And with the proper pressure -- good cop (promise of "NFL money" for successful hacks on Chinese networks) and bad cop (threats of prison time) -- these supervillains could be turned into superheroes, protecting the US and launching successful counteroffensives against China and other countries intent on cyber-espionage.
As it stands now, if US intelligence and the DOD are to be believed, the US is essentially in an open cyberwar with malicious Chinese hackers. These hackers are largely black hats and hence do not play by the rules. This is an unwinnable war for the US if it continues to rely on "green" IT professionals -- four-year-college-degree types.
The US needs to turn to its black hats and find ways to convince them to fight for the cause rather than throwing them to rot in prison.
Are these individuals unstable? Of course. Do they need to be carefully monitored by intelligence? Absolutely. But by many accounts, this is a desperate time for the US in terms of cybersecurity. And desperate times call for desperate measures. Just ask Nick Fury.
— Jason Mick is senior news editor at the independent tech news site DailyTech.