Defense expert: US should hire hackers to conduct cyberwarfare

Defense expert: US should hire hackers to conduct cyberwarfare

Summary: Defense analyst John Arquilla believes the U.S. should stop prosecuting elite hackers and instead hire them to wage an online war against terrorists as well as other American enemies. He argues if the U.S. played its card rights with hackers, the war on terror would have been long over.


Defense expert: US should hire hackers to conduct cyberwarfare
Earlier this year, a Federal Bureau of Investigation (FBI) executive said the United States is "not winning" the hacking war. One defense expert believes he has the solution. It's a very simple one: instead of prosecuting hackers, he believes the U.S. government should hire them.

John Arquilla, a professor of defence analysis at the Naval Postgraduate School (NPS) and a former director of the Pentagon's Information Operations Center for Excellence, was recently interviewed by the Guardian. Here a few relevant excerpts:

He said that the US had fallen behind in the cyber race and needed to set up a "new Bletchley Park" of computer whizzes and codecrackers to detect, track and disrupt enemy networks. "If this was being done, the war on terror would be over," he said. … "Most of the hackers I have known would love to destroy al-Qaida."

"Let's just say that in some places you find guys with body piercings and non-regulation haircuts. But most of these sorts of guys can't be vetted in the traditional way. We need a new institutional culture that allows us to reach out to them."

Arquilla invented the term cyberwarfare two decades ago. Although he admits a few master hackers had already been recruited, he argues many more are needed.

Here's where I definitely agree with Arquilla: he criticized lengthy jail terms for hacking. I think they are more often than not penalized way too extensively. Arquilla further adds prison sentences add to the tensions between the government and those who could help it fight and defend its interests online. He points out since most of them don’t' have political agendas, they can be turned into patriots.

See also:

Topics: Security, Government, Government US, Tech Industry

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Right . . .

    Right - let's let a bunch of hackers with no moral compass be in charge of the world's largest intelligence operations.

    What could possibly go wrong?

    (HINT: I'm using sarcasm)
    • Bureaucrats or hackers? Let me see....

      I understand what you are saying and maybe it is just a perspective issue. Me personally, I think I would rather take my chances with hackers over bureaucrats, especially the mindless rabble that is currently leading our country. Talk about no moral compass... Don't get me wrong, malicous hackers (Cybercriminals/cyberterrorist) are a dispicable bunch and I don't condone what they do, but they make up a pretty small percentage of the "hacker" culture. Most Bureaucrats are incorrigible, dishonest, self-serving, self-righteous, unscrupulous, individuals....put them in charge, what could go wrong???? That is pretty self-evident. As the article pointed out, hackers are a fairly untapped resource, that with a little direction, a good job plus benefits, could/would be a great asset in cyberwarfare. It's not about who has the most or the biggest bombs anymore. It is about who can control the infrastructure and information flow. Nobody is talking about putting them in charge, just enlisting their help to protect our people and cyber ass-ets. The next global war most likely won't be fought on the ground, air, or sea with bombs and bullets. It will be fought over the wires and airwaves. Yeh....I think I'd throw my lot in with a good hacker than a bureaucrat most any day of the week. But that's just me.
      • Who said I was comparing them to bureaucrats?

        Who said I was comparing them to bureaucrats?
        • You weren't, I was

          Your Quoted: "Right - let's let a bunch of hackers with no moral compass be in charge of the world's largest intelligence operations."

          I was just pointing out that I would probably trust a hacker over the bureaucrats that our currently running our Gov't and "Intelligenc" agencies. No offense intended.
      • good jobs with benefits...

        many of them are currently flipping burgers and "dropping fries" during their non-hacking hours, except the ones renting you your movies or selling you popcorn... I think $60k and free health insurance with no co-pays would buy an awfully large, anonymous group...
    • hmmm... no moral compass.

      Many hackers are curious and very much do have a moral compass. A better moral compass than many politicians, as another poster already pointed out, and, I will add, many corporations. They just get much stiffer sentences when caught. Remember the Sony BMG rootkit? Now remember the stiff legal penalties against the executives responsible?

      Now for a homework assignment.. Write a root kit that infects 500,000 networks. Apologize and release a removal tool. Extra credit: Try to avoid jail time. Bonus Points: Target Sony BMG.
  • Perhaps other way around?

    Hi :)
    Alternatively maybe they could hire terrorists to scare hackers into becoming more covert.

    Errr, and they are losing the war against gang-warfare and drugs too. How to balance those off?
    Regards from
    Tom :)

    We Already have it going on, some guy trying to make a name for himself,,,,,
  • YES they should hire them...

    Years ago the FBI hired a check forger (can't remember his name - the one from the "Catch Me If You Can" movie. And he was instrumental in catching hundreds of other forgers. You just need adequate supervision of the operation.

    As an EX Hacker myself (who was lucky enough never to get caught), I would LOVE the opportunity to LEGALLY hack into some other countries system. Realistically I would see it a s a challenge & an opportunity to do some good for a change!!!
    • So send them your name and address

      If you're a hacker, you should be able to figure out the defense expert's email address as well.

      If you're serious about your claims.

      Have fun.

      And don't get caught, in which case that country will extradite you and give you what they believe condign punishment would be.
  • U.S. naievity

    I assumed the U.S. already had a "new Bletchley Park" (to quote the article) for cyberwarfare. It's fairly naive of us not to. But to recruit hackers that could be trusted would be difficult.
    Richard Joyce
    • Trusted?

      It would be unlikely that they would be trusted in any meaningful sense. It's a bit like trusting C4 not to blow off your fingers. You don't trust hackers, and you don't let them into the NSA/CIA etc. They don't get high level security clearance. You put them on the other side of the blast shield and encourage them to target desired targets. You inspect their methods (and code), and incorporate gathered intel and what works after vetting. One does not trust drug addicts, but one uses them as informants. Hackers are not like drug addicts, mind you. They are more likely to be gifted, bored, and undervalued than your average street informant. Hackers may or may not be trustworthy, but even if they are not, they can be a tremendous asset if directed and supervised.
      Mr. Copro Encephalic to You
  • Hire them and then audit them

    This has been standard practice for a long time in law enforcdement. Hackers get lighter sentences if they turn around and advise law enforcement of hacking techniques and how to either prevent them proactively or track them after the fact. I hired a young man who was caught hacking, and after taking care of his legal issues, became the most trusted person on my staff. The thing that has to happen, as I did in this case, is to monitor and audit. The problem with most managers is they are either too lazy or not technically competent enough to correctly monitor and audit staff actively.
  • Lol...

    Hacker == Computer enthusiast.

    In no way shape or form does the term "hacker" mean a malicious or person or criminal. You have hackers that are malicious (black hat) and those that are simply security experts (white hat) that hack in defense of others and their data.

    The US started an organization called the Information Warfare Center which was to be the CIA/FBI/NSA of the internet. The DIA, CIA, FBI and of course the NSA are only a few places where hackers are actually working in similar IW centers...

    If there is any reason for the US to be behind then I would have to say that it is because we have the rest of the world manufacturing our network routers and network firewalls. We may be designing them here but they are being assembled in other countries like China. It wouldn't be too difficult to reverse engineer something you have all the source and schematics to and then find it's weaknesses and back doors...

    Many people in the US may not know this, but their routers from their ISP are purposely built with back doors for the ISP to use in case it needs servicing over the net. A lot of the information on how to access these is now public for any 12 year old with a laptop to use. Any files on anything connected to your wireless router, including your smartphone, can be accessed via the internet and some magical hacking. There is really no way around it, even with special firewalls, all US traffic is routed through servers that look for and log your information...

    If you want to keep something secrete, don't digitize it, don't write it down and certainly don't tell anyone you have a secrete to hide...
    • Should have said...

      In no way shape or form does the term "hacker" mean a malicious person or criminal.
      • Arg...

        secret... not secrete... :P
        • Yes.

          It DOES make a difference.

    • True

      There is a contextual difference...
      • regarding hackers, that is...

        and if they do what they do is for good or for eeeevil....
  • Pluses and minuses

    US cybersecurity efforts via the standard motley crew of government contractors are typically random, inept, and lacking in imagination and ideas. The NSA was evidently crippled by extremely poor management and adverse politics during the last administration so that wasn't of much use for years (although apparently it's been recovering since.) Outside top tier hackers and cyber experts can definitely help in situations like these, but...politics has become so, so divisive in this country that you cannot count on outside cyber wanting to stick around if they find a new administration, especially in regards to the new agency and and department heads that will inevitably be brought in, personally very odious.

    It would be likely musc better in the long run to have outside hackers and cyber experts to focus more on helping to improve internal cyber security efforts, and maybe serve as fall-back help in major crises.