Untitled Document
LAS VEGAS (Reuters) - Attention hackers: Uncle Sam wants you.
As scam artists, organized-crime rings and other miscreants find a home on
the Internet, top federal officials are trolling hacker conferences to scout
talent and talk up the glories of a career on the front lines of the information
wars.
"If you want to work on cutting-edge problems, if you want to be part
of the truly great issues of our time ... we invite you to work with us,"
Assistant Secretary of Defense Linton Wells told hackers at a recent conference
in Las Vegas.
Wells and other "feds" didn't exactly blend in at Defcon, an annual
gathering of computer-security experts and teen-age troublemakers that celebrates
the cutting edge of security research.
The buttoned-down world of Washington seems a continent away at Defcon, which
was named as a spoof on the Pentagon's code for military readiness derived from
"defense condition." Graffiti covers the bathroom walls, DJs spin
electronic music by the pool until dawn and hackers who "out" undercover
government employees win free T-shirts.
At a "Meet the Feds" panel designed to bridge the cultural divide,
a young man waved a pages-long manifesto and demanded, "I would like to
know why the federal government, especially some of the law enforcement agencies,
are destroying this country."
Despite appearances, hackers and the government have long enjoyed a symbiotic
relationship.
Federal research dollars funded development of the Internet and many other
cutting-edge technologies, and many hackers first learn the ins and outs of
computer security through military service before moving on to private-sector
jobs.
College students in computer-security programs can have their tuition picked
up by the government if they agree to work there when they graduate.
ATTACKING FOREIGN NETWORKS?
The Pentagon is rumored to employ hackers to attack foreign networks. A Pentagon
spokesman was not available for comment.
Feds have been a key part of the Defcon audience since its inception in 1992,
though they are required to stay at off-site hotels to avoid some of the wilder
goings-on.
Along with recruiting, the conference gives federal officials a chance to develop
sources and keep up with new research.
"I'm learning while I'm here but I'm also getting the names of people
I can maybe call on later so we have a better understanding as cases go along,"
said Don Blumenthal, who oversees the Internet lab for investigators at the
Federal Trade Commission.
Tensions between feds and hackers ran high in 2001 when the FBI arrested Russian
programmer Dmitri Skylarov at the conference for writing a program that could
break copy protection on electronic books.
The relationship between the two sides has turned less adversarial in recent
years, according to long-time attendees, and government employees now account
for nearly half of the audience. Some Defcon staffers even hold down day jobs
with the National Security Agency and other government shops.
"You can't be deceived by the uniforms," said technology commentator
Richard Thieme. "I talked at the Pentagon, and one-third of the people
in the audience I already knew from Defcon."
That's not to say that Defcon has gone straight. The ability to break into
computer systems is prized above all, and conference attendees whose computers
fell prey to their colleagues' attacks are displayed on a "wall of sheep."
Some hackers spent the weekend in their hotel rooms cooking up a new way to
take control of the Cisco Systems Inc. (CSCO.O: Quote, Profile, Research) routers
that underpin much of the Internet.
Many defend this "black hat" approach, arguing that attacks that
cause damage in the short term raise awareness of online threats and thus improve
the security picture as a whole.
Lynn and other feds made clear that they are not interested in working with
those who break into computer systems without permission.
"We're looking for people who haven't crossed that line yet," said
Jim Christy, director of the Pentagon's Cyber Crime Institute. "You've
got to get folks with the right morals."
The FTC's Blumenthal said that while he was impressed with the honesty of the
people he had met, he would double-check the information he receives from them
as he does with other sources.
"I have to feel confident that what I'm getting is a straight story,"
he said. "I find out if I have a curve thrown at me."