Can you trust poachers who turn gamekeeper?

Share this article:

Hiring a former virus writer is not necessarily good for business, but it will certainly get people talking about your company.

After employing a couple of the world's best known authors of malicious code, two European firms are sparking fierce debate in the IT security world.

"Sometimes, the poacher turned gamekeeper proves successful. But there comes a question of who you can trust," said Len Couture, CIO at network vendor Enterasys. "I'm not sure if I would advise it."

Last month, Czech applications vendor Zoner Software hired a member of the infamous virus-writing group 29A (hexadecimal for 666). A 22 year-old named "Benny" now develops anti-virus software and has allegedly cut ties with his former cohorts.

But despite assurances that he is operating successfully, some industry experts have their doubts.

"We've spoken to people like this in the past and, in my experience, they can't do the job," said Shimon Gruper, VP of security software company Aladdin. "When people have been writing malicious code, they don't have the tools or experience to write securely."

In response to such criticism, Zoner Software argued Benny's experience in virus creation proves he understands how computer security attacks work. If he is successful, there are plans to move into the anti-virus sector.

In September, German IT security firm Securepoint hired 18 year-old Sven Jaschan, self-proclaimed author of the Netsky and Sasser worms. But the move seems to have backfired, with AV vendor H+BEDV now refusing to do any further business with Securepoint.

"We take a dim view of employing virus authors," explained Tjark Auerbach, CEO of H+BEDV.

"The attempt to offer a second chance to an allegedly reformed person must be balanced against the exclusive security interests of our customers."

But Securepoint hit back. "It is not a big company and we don't do very much work with it," said Lutz Hausmann, technical director of Securepoint. "If it wants to do this, then that is fine. I don't care."

Jaschen was arrested in May this year and is still awaiting a court hearing. He said his worms were of a vigilante nature, and designed only to destroy other viruses.

Victims of the Sasser and Netsky viruses include Delta Airlines and the European Commission.

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.