Can you trust poachers who turn gamekeeper?

Share this article:

Hiring a former virus writer is not necessarily good for business, but it will certainly get people talking about your company.

After employing a couple of the world's best known authors of malicious code, two European firms are sparking fierce debate in the IT security world.

"Sometimes, the poacher turned gamekeeper proves successful. But there comes a question of who you can trust," said Len Couture, CIO at network vendor Enterasys. "I'm not sure if I would advise it."

Last month, Czech applications vendor Zoner Software hired a member of the infamous virus-writing group 29A (hexadecimal for 666). A 22 year-old named "Benny" now develops anti-virus software and has allegedly cut ties with his former cohorts.

But despite assurances that he is operating successfully, some industry experts have their doubts.

"We've spoken to people like this in the past and, in my experience, they can't do the job," said Shimon Gruper, VP of security software company Aladdin. "When people have been writing malicious code, they don't have the tools or experience to write securely."

In response to such criticism, Zoner Software argued Benny's experience in virus creation proves he understands how computer security attacks work. If he is successful, there are plans to move into the anti-virus sector.

In September, German IT security firm Securepoint hired 18 year-old Sven Jaschan, self-proclaimed author of the Netsky and Sasser worms. But the move seems to have backfired, with AV vendor H+BEDV now refusing to do any further business with Securepoint.

"We take a dim view of employing virus authors," explained Tjark Auerbach, CEO of H+BEDV.

"The attempt to offer a second chance to an allegedly reformed person must be balanced against the exclusive security interests of our customers."

But Securepoint hit back. "It is not a big company and we don't do very much work with it," said Lutz Hausmann, technical director of Securepoint. "If it wants to do this, then that is fine. I don't care."

Jaschen was arrested in May this year and is still awaiting a court hearing. He said his worms were of a vigilante nature, and designed only to destroy other viruses.

Victims of the Sasser and Netsky viruses include Delta Airlines and the European Commission.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.