Can you trust poachers who turn gamekeeper?

Share this article:

Hiring a former virus writer is not necessarily good for business, but it will certainly get people talking about your company.

After employing a couple of the world's best known authors of malicious code, two European firms are sparking fierce debate in the IT security world.

"Sometimes, the poacher turned gamekeeper proves successful. But there comes a question of who you can trust," said Len Couture, CIO at network vendor Enterasys. "I'm not sure if I would advise it."

Last month, Czech applications vendor Zoner Software hired a member of the infamous virus-writing group 29A (hexadecimal for 666). A 22 year-old named "Benny" now develops anti-virus software and has allegedly cut ties with his former cohorts.

But despite assurances that he is operating successfully, some industry experts have their doubts.

"We've spoken to people like this in the past and, in my experience, they can't do the job," said Shimon Gruper, VP of security software company Aladdin. "When people have been writing malicious code, they don't have the tools or experience to write securely."

In response to such criticism, Zoner Software argued Benny's experience in virus creation proves he understands how computer security attacks work. If he is successful, there are plans to move into the anti-virus sector.

In September, German IT security firm Securepoint hired 18 year-old Sven Jaschan, self-proclaimed author of the Netsky and Sasser worms. But the move seems to have backfired, with AV vendor H+BEDV now refusing to do any further business with Securepoint.

"We take a dim view of employing virus authors," explained Tjark Auerbach, CEO of H+BEDV.

"The attempt to offer a second chance to an allegedly reformed person must be balanced against the exclusive security interests of our customers."

But Securepoint hit back. "It is not a big company and we don't do very much work with it," said Lutz Hausmann, technical director of Securepoint. "If it wants to do this, then that is fine. I don't care."

Jaschen was arrested in May this year and is still awaiting a court hearing. He said his worms were of a vigilante nature, and designed only to destroy other viruses.

Victims of the Sasser and Netsky viruses include Delta Airlines and the European Commission.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

WikiLeaks makes FinFisher surveillance software available to public

Copies of controversial surveillance software, called "FinFisher," were made available for public scrutiny by WikiLeaks.

Researcher challenges reports that BlackPOS variant struck Home Depot

Nuix believes the malware found on Home Depot's systems belongs to a different threat family.

Documents reveal NSA plans to map every internet connected device in the ...

Documents provided by Edward Snowden reveal that the NSA is looking to build a near real-time map of every single internet-connected device in the world.