August 11, 2005

US officials go to hackers’ convention to recruit

By Andy Sullivan

LAS VEGAS (Reuters) - Attention hackers: Uncle Sam wants

As scam artists, organized-crime rings and other miscreants
find a home on the Internet, top federal officials are trolling
hacker conferences to scout talent and talk up the glories of a
career on the front lines of the information wars.

"If you want to work on cutting-edge problems, if you want
to be part of the truly great issues of our time ... we invite
you to work with us," Assistant Secretary of Defense Linton
Wells told hackers at a recent conference in Las Vegas.

Wells and other "feds" didn't exactly blend in at Defcon,
an annual gathering of computer-security experts and teen-age
troublemakers that celebrates the cutting edge of security

The buttoned-down world of Washington seems a continent
away at Defcon, which was named as a spoof on the Pentagon's
code for military readiness derived from "defense condition."
Graffiti covers the bathroom walls, DJs spin electronic music
by the pool until dawn and hackers who "out" undercover
government employees win free T-shirts.

At a "Meet the Feds" panel designed to bridge the cultural
divide, a young man waved a pages-long manifesto and demanded,
"I would like to know why the federal government, especially
some of the law enforcement agencies, are destroying this

Despite appearances, hackers and the government have long
enjoyed a symbiotic relationship.

Federal research dollars funded development of the Internet
and many other cutting-edge technologies, and many hackers
first learn the ins and outs of computer security through
military service before moving on to private-sector jobs.

College students in computer-security programs can have
their tuition picked up by the government if they agree to work
there when they graduate.


The Pentagon is rumored to employ hackers to attack foreign
networks. A Pentagon spokesman did not return a call seeking

Feds have been a key part of the Defcon audience since its
inception in 1992, though they are required to stay at off-site
hotels to avoid some of the wilder goings-on.

Along with recruiting, the conference gives federal
officials a chance to develop sources and keep up with new

"I'm learning while I'm here but I'm also getting the names
of people I can maybe call on later so we have a better
understanding as cases go along," said Don Blumenthal, who
oversees the Internet lab for investigators at the Federal
Trade Commission.

Tensions between feds and hackers ran high in 2001 when the
FBI arrested Russian programmer Dmitri Skylarov at the
conference for writing a program that could break copy
protection on electronic books.

The relationship between the two sides has turned less
adversarial in recent years, according to long-time attendees,
and government employees now account for nearly half of the
audience. Some Defcon staffers even hold down day jobs with the
National Security Agency and other government shops.

"You can't be deceived by the uniforms," said technology
commentator Richard Thieme. "I talked at the Pentagon, and
one-third of the people in the audience I already knew from

That's not to say that Defcon has gone straight. The
ability to break into computer systems is prized above all, and
conference attendees whose computers fell prey to their
colleagues' attacks are displayed on a "wall of sheep."

Some hackers spent the weekend in their hotel rooms cooking
up a new way to take control of the Cisco Systems Inc. routers
that underpin much of the Internet.

Many defend this "black hat" approach, arguing that attacks
that cause damage in the short term raise awareness of online
threats and thus improve the security picture as a whole.

Lynn and other feds made clear that they are not interested
in working with those who break into computer systems without

"We're looking for people who haven't crossed that line
yet," said Jim Christy, director of the Pentagon's Cyber Crime
Institute. "You've got to get folks with the right morals."

The FTC's Blumenthal said that while he was impressed with
the honesty of the people he had met, he would double-check the
information he receives from them as he does with other

"I have to feel confident that what I'm getting is a
straight story," he said. "I find out if I have a curve thrown
at me."