×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cyberwarrior Shortage Threatens US Security

CmdrTaco posted more than 3 years ago | from the who-wouldn't-want-that-on-their-card dept.

Security 394

An anonymous reader writes "US security officials say the country's cyberdefenses are not up to the challenge. In part, it's due to a severe shortage of computer security specialists and engineers with the skills and knowledge necessary to do battle against would-be adversaries. The protection of US computer systems essentially requires an army of cyberwarriors, but the recruitment of that force is suffering. 'We don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in time,' says James Gosler, a veteran cybersecurity specialist who has worked at the CIA, the National Security Agency, and the Energy Department."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

394 comments

H1b? (5, Funny)

Anonymous Coward | more than 3 years ago | (#32966898)

if there is such a shortage of talent maybe we can offshore this responsibility? Maybe to China? As a bonus it will be less expensive.

Re:H1b? (3, Insightful)

Maarx (1794262) | more than 3 years ago | (#32966920)

if there is such a shortage of talent maybe we can offshore this responsibility? Maybe to China? As a bonus it will be less expensive.

Trolling: When you do it right, nobody realizes you've done anything at all.

Re:H1b? (0, Funny)

Anonymous Coward | more than 3 years ago | (#32967122)

Especially when you cut an undersea cable.

Oh, you meant trolling. Nevermind.

Re:H1b? (0)

Anonymous Coward | more than 3 years ago | (#32967044)

You deserve a +5 Troll. Well done, Sir!

Re:H1b? (0)

Anonymous Coward | more than 3 years ago | (#32967200)

You'll have to outsource it to India or China soon anyway - you just don't have enough good guys (and gals) wanting to study Computer Science in the US anymore.

And while you're at it, outsource most of NASAs tasks to India too - anyway half your country keeps cribbing about the 'hyper inflated budget allocated to NASA'. Anyway the Indians keep launching sats for the Israelis and others - they might give you some bargain basement prices for launches as a goodwill gesture.

Ah, better to crack'em down. (5, Insightful)

alexborges (313924) | more than 3 years ago | (#32967296)

Go look for the idiot that started the Hacker's Crackdown in th 90's. The result of this attitude was to either push some kids to the edge where the russian mob recruited them in on form or another, or plain make them corpodrones, albeit very good at typing crap into a cisco console, but perfectly worthless in the underlining of the net.

Bravo, idiots, might I remind you that here in the net, we forsaw and told you about this. And now you come complainin....

Re:H1b? (2, Interesting)

countertrolling (1585477) | more than 3 years ago | (#32967386)

Gee, why don't we just outsource the entire military, including the pentagon? In fact, let's outsource everything so we can just sit and munch Chitos all day? Of course we could treat people with respect, you know, like their rights, and maybe they'll come looking for the job.

There isn't a shortage (1, Insightful)

Anonymous Coward | more than 3 years ago | (#32967440)

Anyone who has ever worked in government IT knows that it is the last place for a competent person. The average bureaucrat considers IT to be one of the easiest ways to launder kickbacks for party supporters. Competence ONLY gets in the way. Worse, they'll even try to get you to make that slop work. Fall on your swords now, "cyberwarriors". (snort!)

waves (1, Interesting)

Anonymous Coward | more than 3 years ago | (#32966904)

and yo know if you had not of tricked those two russians into the usa and hten arrested them....you might just not have this issue
2002 onwards

united hackers association
CHRoNoSS

( offered loads a jobs in usa but after the Russian incident will never go to the usa again )

Duh, they are in jail. (4, Insightful)

tekrat (242117) | more than 3 years ago | (#32966908)

The USA has a bad habit of arresting anyone with the skills and curiosity to perform such tasks. Instead of arresting and jailing "hackers" they should employ them, and then maybe we'd have enough people for the "cyberwar" they are talking about

Re:Duh, they are in jail. (5, Insightful)

Sponge Bath (413667) | more than 3 years ago | (#32966982)

The USA has a bad habit of arresting anyone with the skills and curiosity to perform such tasks.

...and refusing the skilled and desperately needed service of anyone who "likes show tunes".

Re:Duh, they are in jail. (0)

Anonymous Coward | more than 3 years ago | (#32967264)

Those kind of people are all *pple lusers, hence not skilled h4xx0rs.

Re:Duh, they are in jail. (5, Insightful)

Anonymous Coward | more than 3 years ago | (#32967504)

"The USA has a bad habit of arresting anyone with the skills and curiosity to perform such tasks." ...and refusing the skilled and desperately needed service of anyone who "likes show tunes".

How is this off-topic? At a certain level of government, homosexuality is enough to get you excluded from the game. That means there are likely some qualified candidates who are excluded based off a fairly arbitrary criteria.

Most especially amusing is that because they make you hide it, they use the fact that you are hiding it to show that you might be a security risk because someone could blackmail you.

Seriously, the parent poster makes an insightful point.

Re:Duh, they are in jail. (-1, Troll)

bonch (38532) | more than 3 years ago | (#32967048)

Sure would love to see examples of all these innocent hackers the U.S. has a bad habit of arresting. Oh, wait, you were talking about the very adversaries the U.S. is trying to fight. Yeah, I'm sure hiring bank robbers to guard a bank is the best idea in the world.

Re:Duh, they are in jail. (2, Insightful)

arkane1234 (457605) | more than 3 years ago | (#32967236)

Check out the 80's and 90's. Pointing it out to you piecemeal is about like pointing out dead bodies on a battlefield.
Unless your 18 years old, I'm sure you remember SOMETHING from those "ancient" years 10-20 years ago.

Re:Duh, they are in jail. (2, Informative)

alexborges (313924) | more than 3 years ago | (#32967394)

Go read The Hackers Crackdown, its available online, and enlighten yourself. Some of the best minds in the net told the government back in the day how stupid it was to incarcerate people that commited no real crime.

Re:Duh, they are in jail. (3, Insightful)

MintOreo (1849326) | more than 3 years ago | (#32967402)

This. There are two main problems with this and thats that the best criminal hacker they pick up can't be better than the best "good guy" and that the pay off of cybercrime can be incomparably greater than the salary they'd be taking from the government (and every cybercriminal knows this).

That's not to say that there are no hackers that it'd be good to reach out to, it's just an extreme risk they'd be taking.

Re:Duh, they are in jail. (3, Interesting)

Monkeedude1212 (1560403) | more than 3 years ago | (#32967166)

I'm here in Canada - and I've tested the waters on controversial legal issues with computers - and I've considered going into the definately illegal waters just to see what would happen with the law.

There was a case a long while back where a high schooler in Montreal or somewhere in the East Coast of the United States (I heard the story second hand from someone so I'm sketchy on the details) where he basically set up a botnet, and then to test it out he had it perform a DOS attack while he was at school, I think he ended up taking down CNN.com or Yahoo for a bit or something.

Anyways, they hauled him off to juvee or some low security prison for a few years, and when he got out he was hired almost immediately for a security specialist job. (I believe at one of the websites he took down)

I'd try it myself but I'm too old to go to Juvee...

Re:Duh, they are in jail. (1)

Culture20 (968837) | more than 3 years ago | (#32967168)

The USA has a bad habit of arresting anyone with the skills and curiosity to perform such tasks. Instead of arresting and jailing "hackers" they should employ them, and then maybe we'd have enough people for the "cyberwar" they are talking about

Sounds like the perfect premise for the 2015 remake of the Dirty Dozen.

Re:Duh, they are in jail. (5, Insightful)

causality (777677) | more than 3 years ago | (#32967196)

The USA has a bad habit of arresting anyone with the skills and curiosity to perform such tasks. Instead of arresting and jailing "hackers" they should employ them, and then maybe we'd have enough people for the "cyberwar" they are talking about

It's part of a greater "war on curiosity" that's a fear-based initiative to stamp out any and all behaviors that even slightly deviate from a prescribed norm. Locking up those "evil hackers" is part of this. Another part of this is the way people are getting threatened by cops, security staff, and other jack-booted thugs for legally taking photos in public places. You also can't get a truly good chemistry set anymore, because somebody might use the glassware to make drugs. Now they complain that they can't find good personnel for something that requires initiative, individual thought and a willingness to think outside the box and see things from multiple angles.

That serves them right. They've been systematically stamping out any kind of unapproved curiosity and exploration in the name of safety for a long time now. They've also done nothing but encourage the outsourcing trend of sending a great deal of IT talent to places like India, and you really do want US citizens to perform this kind of national security work. Then there's the general untrustworthiness of the US government as an institution, the idiocy and abuses and mismanagement that it perpetuates and the moral implications of joining up with them. That might further alienate domestic talent that would otherwise be interested. As far as I am concerned, they are reaping what they have sown.

Re:Duh, they are in jail. (4, Insightful)

EdIII (1114411) | more than 3 years ago | (#32967340)

There is another possibility too you know.

We don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in timeWe don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in time

Do *you* support our national security objectives? I know I don't.

Especially since some people seem to be doing their damnedest to make copyrights a matter of national security. I'm sorry, let me take that back. ACTA negotiations already show that copyrights are a matter of national security.

Re:Duh, they are in jail. (3, Insightful)

arkane1234 (457605) | more than 3 years ago | (#32967412)

The thing that scares me about it is, how do you interview for such a position? It really reminds me of when I was 21-22 years old and the FBI (not CIA since that was for offshore stuff at that time) would cuff you and interrogate BBS owners if they were suspected of anything more than owning a computer... even then you were suspect. I've had BBS sysops I was friends with (locally) that were ransacked by the FBI, and their items held in custody indefinitely... all over fabricated things so they could search the equipment. Of course nothing ever was pinned on any of them except for one who was an idiot and did Warez on an open system. The rest were just sysops with no illegal tendencies.

Scared the shit out of me when I was learning C back then and saw all of the rules the feds had in effect that were mixed and mashed when it came to computer activities. A lot of archaic rules that were hypocritical of current rules and they overlapped instead of one taking precedence.

One reason I encrypted my entire harddisk and downloaded as many docs as I could off of the 'net at that time... before the feds realized "that thar intARwEb" had info.
This was before the browser, of course...

Re:Duh, they are in jail. (3, Interesting)

Anonymous Coward | more than 3 years ago | (#32967278)

You need to read Where Have All The Hackers Gone [blogspot.com]. The guy who wrote it got a bronze Olympic medal returned to the US with a Google search. Worth reading.

They do employ them as informants. (1)

elucido (870205) | more than 3 years ago | (#32967392)

So I guess its not traditional employment because its an offer the hacker cannot refuse.

Re:Duh, they are in jail. (1)

eln (21727) | more than 3 years ago | (#32967448)

The problem with recruiting via the justice system, meaning recruiting black hats who get caught, is that you're hiring from a pool with demonstrated ethical issues. Sure, their technical skills may be top notch, but hiring someone who has already shown they're willing to circumvent legal and ethical boundaries just to satisfy their own curiosity is asking for trouble.

Re:Duh, they are in jail. (1)

tool462 (677306) | more than 3 years ago | (#32967532)

Why not both? Do it the old fashioned way. Arrest them, then tell them they have to join the CyberArmy or go to prison.

Stupid tags (0, Offtopic)

jeffmeden (135043) | more than 3 years ago | (#32966928)

I'm not allowed to tag stories, but the moron who managed to misspell "cyberwarfare" as "cyberwarefare" is free and clear, huh? Nice job, Slashdot.

Re:Stupid tags (4, Interesting)

causality (777677) | more than 3 years ago | (#32967020)

I'm not allowed to tag stories, but the moron who managed to misspell "cyberwarfare" as "cyberwarefare" is free and clear, huh? Nice job, Slashdot.

I can't seem to tag stories either and I have no idea why. I can add a tag and it appears to work, but I have never once refreshed the Slashdot main page and seen any tag I have applied. That is, they seem to just go straight to /dev/null. Tags I try to apply do seem to show up on my user page, however.

Re:Stupid tags (2, Interesting)

jeffmeden (135043) | more than 3 years ago | (#32967420)

For me, in both FF and IE, the tag interface is simply static, I can't even try to add a tag. If I log out and clear my cookies (on either browser) the interface starts working again, and I can even post a tag if I carefully use the interface to add a tag and *then* log in as it prompts me to do so... and it will become a tag that appears on the main page.

I have to think this is some sort of poorly implemented tag-ban, as I used to be able to (and did) tag stories up until a few months ago.

Re:Stupid tags (1)

codeonezero (540302) | more than 3 years ago | (#32967546)

Put in the right tag, and ! the wrong one. I'm so confused on how the tag system operates I rarely use it, and yeah sometimes I can't tag stuff either. Maybe it's a Karma thing?

How are they recruiting? (0)

Anonymous Coward | more than 3 years ago | (#32966934)

How is the US recruiting to meet this demand? If they are doing it at universities, they are doing it wrong.

We don't have sufficiently bright people (1)

mcfatboy93 (1363705) | more than 3 years ago | (#32966954)

We don't have sufficiently bright people

well DUH, the 'cyber warriors' that the government wants are hard to find. mostly because they are either trained IT security professionals or a kid who figured out how to hack his school to change his grades. the first of the 2 will be easy to get with the increase in IT students. however unlike china, there is sever punishment for committing cyber crimes. china and other countries have the right idea of hiring the hackers instead of locking them away like we used to do

Re:We don't have sufficiently bright people (1)

alexborges (313924) | more than 3 years ago | (#32967480)

What? No no, one thing is to say that US policy has gotten it in the wrong side of history, which I think is factually correct, and another to say that china does not crack down on its hackers.

In china, you go and hack your school computer and youll probably end up in a nice concentration camp.

Where do I sign up? (0)

Anonymous Coward | more than 3 years ago | (#32966964)

I'm a young system admin with two years experience and would be extremely interested in expanding my network security knowledge. Maybe they need to advertise better? I know lots of fellow would-be hackers looking for interesting work.

Is anyone surprised? (2, Insightful)

Anonymous Coward | more than 3 years ago | (#32966966)

The US treats anyone with the least bit of curiosity or know-how with suspicion.

Jail time? (5, Insightful)

IICV (652597) | more than 3 years ago | (#32966972)

Maybe it's because we call anyone with even the smallest amount of computer knowledge a witch^H hacker, and burn them at the stake^H^H^H^H^H^H put them in jail (or detention, for the juveniles) while banning them from using computers?

It's pretty simple, guys. If you ban model rockets, you won't get a generation of rocket scientists. If you ban chemistry kits, you won't get a generation of chemical engineers. If you ban playing around with computer systems, you won't get a generation of hackers.

Re:Jail time? (3, Insightful)

0racle (667029) | more than 3 years ago | (#32967080)

Playing around and breaking the law are two different things. Some laws stifle learning and need to be changed, but most do not.

Re:Jail time? (1)

Thud457 (234763) | more than 3 years ago | (#32967366)

These bitches [wikipedia.org] should have their own Time-Life series of books sold on TeeVee.

Of course, a true geek would realize that such books should only be a springboard to further inquiry...

Re:Jail time? (0)

bonch (38532) | more than 3 years ago | (#32967120)

Maybe it's because we call anyone with even the smallest amount of computer knowledge a witch^H hacker, and burn them at the stake^H^H^H^H^H^H put them in jail (or detention, for the juveniles) while banning them from using computers?

We do? Could you cite some examples of all these innocent computer users being thrown in jail for having a small amount of computer knowledge?

It's pretty simple, guys. If you ban model rockets, you won't get a generation of rocket scientists. If you ban chemistry kits, you won't get a generation of chemical engineers. If you ban playing around with computer systems, you won't get a generation of hackers.

Could you cite some examples of "playing around with computer systems" being banned as well? Or are you just following a narrative cliche to get upmods?

Re:Jail time? (3, Insightful)

Culture20 (968837) | more than 3 years ago | (#32967244)

It's pretty simple, guys. If you ban model rockets, you won't get a generation of rocket scientists. If you ban chemistry kits, you won't get a generation of chemical engineers. If you ban playing around with [other people's] computer systems, you won't get a generation of [computer crackers].

FTFY. It's illegal for a reason.

Re:Jail time? (0)

Anonymous Coward | more than 3 years ago | (#32967458)

If you ban chemistry kits, you won't get a generation of chemical engineers.

That's OK. We legislated chemical engineering out of existence in the US long before we banned the chemistry kits.

Funny how.. (3, Interesting)

SuperCharlie (1068072) | more than 3 years ago | (#32966992)

"We don't have sufficiently bright people moving into this field"

Yet we have sufficiently bright people who can create a system that rapes the stock market.

Re:Funny how.. (4, Insightful)

Rob Riggs (6418) | more than 3 years ago | (#32967082)

"We don't have sufficiently bright people moving into this field"

Yet we have sufficiently bright people who can create a system that rapes the stock market.

Which one pays better?

Re:Funny how.. (0)

Anonymous Coward | more than 3 years ago | (#32967428)

mod parent up.

in a system where the score is kept by the size of one's wallet; the most likely conclusion is that the implication of success does not exist in these roles.

Re:Funny how.. (1)

arkane1234 (457605) | more than 3 years ago | (#32967456)

It's hard to hire bright people who can hack systems, when they want them to be law abiding citizens as they hire them.
*boggle*

Perception... (5, Insightful)

mlts (1038732) | more than 3 years ago | (#32966994)

It is all about perception. I see high school advisors telling kids to stay away from computer science because they will be fighting for jobs against the whole world (programmers from India, sysadmins from the Bay Area, etc.) Instead, they tell them to go law because "there is no such thing as an unemployed lawyer."

Russia and China, it is different. There, their security guys doing blackhat/white work are viewed with similar respect as Special Forces guys are viewed here, as heroes for their country. Here in the US, a CS/IT person is looked at as someone who is going to be unemployed as soon as the PHB finds some offshore firm.

Change the perception, make it cool to be a CS/IT person. THEN you will have your "cyberwarriors" that are on par with the Russian/Chinese blackhats. Otherwise, the CS students will be taking their CS degree into law or business school.

Re:Perception... (4, Informative)

Animats (122034) | more than 3 years ago | (#32967192)

Instead, they tell them to go law because "there is no such thing as an unemployed lawyer."

There are now many unemployed lawyers. See the lawyer layoff list. [law.com] There's now "legal process outsourcing [legalproce...urcing.com], and it's not just clerical work any more. You can now send work to cheap lawyers in a Bangalore call center.

A lawyer I was using was recently laid off by his downsizing law firm. It happens.

Re:Perception... (0)

Anonymous Coward | more than 3 years ago | (#32967462)

Until two years ago... it didn't happen. It conveniently happened right as I finished my first year of law school. There are now tons and tons of young lawyers with no job prospects and huge amounts of student debt. Fortunately I have a software engineering background to fall back on. Most of my classmates are not so lucky. Sure, a few have landed jobs in big law firms. Some of those people will end up being very successful. Most of the rest of my class... not so much.

Re:Perception... (1)

frosty_tsm (933163) | more than 3 years ago | (#32967298)

Change the perception, make it cool to be a CS/IT person. THEN you will have your "cyberwarriors" that are on par with the Russian/Chinese blackhats. Otherwise, the CS students will be taking their CS degree into law or business school.

There is a definitely a perception fix needed, but we need more. If we want to build up cyberwarriors, we need to reduce our exporting of jobs (offshoring), experience (H1B), and knowledge (foreign students). I'm not saying stop, but keep it in check.

Second, we know how to train a soldier or a spy but we don't know how to train a cyber warrior. If we haven't had the equivalent of the OSS yet, we need it now. Also, what would be the incentive? People still join the military when they run out of employment options (I know one), but most (if not all) good candidates will be making 6 figures in the private sector. We would need the best, not the can't-make-it-in-industry types. The government would probably need to spend the kind of cash they waste on defense contractors building weapons to fight an imaginary war with Russia.

Thoughts?

Re:Perception... (1)

Culture20 (968837) | more than 3 years ago | (#32967432)

"there is no such thing as an unemployed lawyer."

I know two unemployed lawyers, and no unemployed sysadmins. /anecdote

Re:Perception... (1)

wholestrawpenny (1809456) | more than 3 years ago | (#32967528)

Yes, the best we could come up with is Ben Affleck playing a super-computer-genius by connecting a ribbon cable to a microchip (paycheck). Do that, and you get to sleep with Uma Thurman. Ooo, big prize.

Maybe this man's ideas are misplaced... (2, Interesting)

bogaboga (793279) | more than 3 years ago | (#32966998)

'We don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in time,' says James Gosler, a veteran cybersecurity specialist who has worked at the CIA, the National Security Agency, and the Energy Department."

I wonder whether this gentleman has thought about the idea that his "national security objectives" cannot be achieved by computer science at all. In other words, those objectives are misplaced...simply put.

Could I be right?

Re:Maybe this man's ideas are misplaced... (4, Insightful)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#32967230)

The fact that we are using the ridiculous term "cyberwarrior" suggests that, at the very least, the people writing the PR playbooks don't have a fucking clue.

In addition to being corny as hell, "cyberwarrior" implies a dangerously literal application of traditional military doctrines(ie. you have the civilians, who do whatever, and then you have an army that stands between them and the bad guys and blows things up) to computer security. With networked computers, aside from the specific case of DOD sysadmins, virtually all of "computer security" is about making sure that the (overwhelmingly civilian) software and systems are properly designed and built. That isn't something that you are going to do by having a few "cyberwarriors" to hack through the enemy's code walls, or whatever. That is only doable by, more or less, massively increasing the status(and cost, sorry MBAs...) of programmers, software engineers, sysadmins, etc.

Obviously, there will be some need for near-black-hats to spook around hostile networks in the service of various sinister three letter agencies; but the vast majority of "computer security" is much closer to being analogous to a civil engineering or public health question than it is to being a military one. Trying to solve "cybersecurity" with a relatively small number of "elite cyberwarriors" is rather like trying to keep a population from dying of cholera by building a few world-class research hospitals(with bed space for like 1% of the cases), rather than having civil engineers knock together a water system...

You could be. But I'll disagree. (1)

khasim (1285) | more than 3 years ago | (#32967266)

Our government needs MASSIVE improvements in their computer security. But the requirements of the government (get it secure now) are the opposite of the requirements of business (keep it just sucky enough to be able to sell the next version).

And with that situation, no matter how many smart people you have working in government, there will always be more work than they can do. Which leads to hiring people who are less smart. And just about anyone in IT can tell you what happens when you put less skilled people in charge of a system.

We brought this on ourselves, perhaps (1, Insightful)

Anonymous Coward | more than 3 years ago | (#32967012)

Maybe if the country wasn't so obsessed with computer crime that it looks for black-hat hackers in ridiculous places [wikipedia.org], we wouldn't have this problem.

Chemistry sets and other "gateway drugs" to the sciences and engineering are also not as easily available any more. And isn't "creativity" declining too [newsweek.com]?

insufficiently bright (1)

ralphdaugherty (225648) | more than 3 years ago | (#32967014)

'We don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in time,' says James Gosler, a veteran cybersecurity specialist who has worked at the CIA, the National Security Agency, and the Energy Department."

      That's ok, just click on brightness and adjust. Works for my monitor.

      If you can't get them bright enough for when you move backward in time, that's when we have a problem.

We need more smart idiots (0)

Anonymous Coward | more than 3 years ago | (#32967032)

The protection of US computer systems essentially requires an army of cyberwarriors, but the recruitment of that force is suffering. 'We don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in time,' says James Gosler

Translation: we don't have enough really smart people willing to work for peanuts.

Well, it does sound rather boring.... (0)

Anonymous Coward | more than 3 years ago | (#32967038)

Who wants to work in that environment? It isn't like the movies.

I'm sure they will eventually fill their quotas with University of Phoenix grads.

well stop arresting hackers for BS then (3, Funny)

RobertLTux (260313) | more than 3 years ago | (#32967040)

all y'all have to do is setup a few sub sub basements with a few racks and fridges and then move anybody that can
hack the doors into the group (of course filter for the obvious "problems").

a few hints
1 most good hackers will have some sort of criminal record
2 hackers may or may not like a normal uniform and the hair thing may be an issue
3 when you have a group setup DO NOT VISIT DO NOT ASK "HOW" (plausible deneyability is a good thing)
4 psych evals may be another issue

Re:well stop arresting hackers for BS then (1)

qbzzt (11136) | more than 3 years ago | (#32967234)

How would the managers know if the people they hired to protect the system aren't a greater risk from those they are protecting from?

Re:well stop arresting hackers for BS then (0)

Anonymous Coward | more than 3 years ago | (#32967332)

Wow, sounds like a bad Xfiles episode! Where do I sign up? I want to be typecast as the plucky hacker who's shy around girls but manages to be so adorably scruffy that they fall in love with him anyway. Ideally, my love interest would be played by Jennifer Love Hewitt. Acceptable alternatives include most latin american supermodels.

Re:well stop arresting hackers for BS then (1)

Telecommando (513768) | more than 3 years ago | (#32967338)

When I read this article I was thinking along the same lines: that many people who would be bright enough to be a asset are also bright enough to know that they would have dificulty passing a background check, a drug check, complying with a strict dress code, regular hours, ...

I don't know what the solution is but I wonder if in this case, the military is it's own worst enemy -- deliberately disuading from service the very types of people they need to court: the open-minded, free-thinking, sociatal-challanged oddballs who look at problems differently from everyone else.

(And before someone jumps all over me, yeah, I probably fit in there somewhere.)

Cyber Warriors lol (3, Insightful)

hypergreatthing (254983) | more than 3 years ago | (#32967050)

Yes. I know what they should do. Bring back photon and use it as a recruitment tool http://en.wikipedia.org/wiki/Photon_(TV_series) [wikipedia.org]

Who in their right mind would join up with a organization which wants to call you a Cyber Warrior?

I mean, i get it from the perspective of appropriating money that should be used for better causes and justifying your 6 figure salary and all. But this whole thing is laughable.

Because those jobs suck. (3, Insightful)

Zeek40 (1017978) | more than 3 years ago | (#32967066)

A big part of the problem is that those jobs are very unappealing. First the applicants have to get a security clearance, which weeds out all non-citizens and a good deal of other applicants, then they are forced to work in secure facilities that feel like caves or underground bunkers, and on top of that they aren't allowed to discuss what they do in anything but the most general terms. Taking a job doing cyber ops for the government is volunteering to put a giant gap in your resume that you can't discuss.

Re:Because those jobs suck. (1)

qbzzt (11136) | more than 3 years ago | (#32967220)

How many of those jobs are actually in the government? Most of our critical infrastructure (phone system, backbone, water supply, electrical supply, and so on) is privately owned and operated.

Re:Because those jobs suck. (1)

gad_zuki! (70830) | more than 3 years ago | (#32967502)

This is a good point and I was wondering the same thing. Why would we need more government security guys? Its in private industry that we need better security. Sure, the government could play a hand in that, but if your company isn't taking security seriously and using vendors that tie their hands, then all the government help in the world isn't going to help.

There's no real cyberwar going on. There's just a bazillion skirmishes between hundreds of thousands of players. The government is just one player. Private industry must up its game.

Re:Because those jobs suck. (1)

Zeek40 (1017978) | more than 3 years ago | (#32967540)

Sorry, I meant government contracting. Almost all of the jobs are at civilian companies, but you need a security clearance to do them, so you're operating under the umbrella of the DoD.

Re:Because those jobs suck. (0)

Anonymous Coward | more than 3 years ago | (#32967256)

And who wants to work for an agency that still requires a lie detector test. What a flipping joke, as if security clearance wasn't already bad enough.

They are full of it... (1)

elucido (870205) | more than 3 years ago | (#32967522)

The economy as it is right now has plenty of talented individuals just waiting to get hired. Theres 10% unemployment so there is no shortage of the labor force, as for qualifications these are skills which aren't learned in school so the government must already know who does what, they have enough fbi informants and others who gather information on anybody with any shred of credibility as far as computer skills go.

So either they people they want to hire would rather remain unemployed than work for them (which means the job must suck and not pay well), or they are using this shortage as an excuse to raise the pay rates. The fact is theres plenty of people from the dot com bubble or from before that, who would be qualified to do most of this. Most of the people on slashdot have the skills to do the job, now the security clearance on the other hand thats where there will be shortages of qualified individuals.

Re:Because those jobs suck. (1)

arkane1234 (457605) | more than 3 years ago | (#32967544)

Interviewer: "It seems on your resume that there is a time period of uncertain activity. What were you doing for the last 3 years?"
Interviewee: "Government work"

A bad deal (4, Interesting)

DoofusOfDeath (636671) | more than 3 years ago | (#32967078)

The federal government has a habit of imposing soul-crushing bureaucracies on its workers.

Probably only a very small fraction of citizens are talented and inclined to do cyberwarfare and are willing to put up with the bureaucracy.

Shortages (4, Interesting)

Ukab the Great (87152) | more than 3 years ago | (#32967084)

I'd believe in stuff like

1. Shortages of people who patch their systems
2. Shortages of companies who are willing to pay security specialists a decent wage
3. Shortages of CTO's willing to pay for migration away from IE6 to something standards-compliant
4. Shortages of armed services who'd take overweight computer professionals over 30
5. The tooth fairy
6. Unicorns

But a shortage of cyberwarriors? That seems a bit far fetched.

Qualifications (1)

cdoggyd (1118901) | more than 3 years ago | (#32967102)

Sounds like an interesting career. What are the education, work experience, etc. requirements? Do you have to participate in a hack-off competition against a 13 year old script kiddie?

I hear... (0)

Anonymous Coward | more than 3 years ago | (#32967106)

...they dwell in Azeroth.

Angelina Jolie available (1)

Orga (1720130) | more than 3 years ago | (#32967110)

I believe she just finished her last film up so if we need more hackers let's get her on it.

Wrong shortage (1)

flaming error (1041742) | more than 3 years ago | (#32967116)

> a severe shortage of ... [sufficiently bright people]...
> with the skills and knowledge necessary to do battle

How many do we need? I submit that the number of brilliant hackers we need is quite small; if any shortage exists, it will be in the botnet, not the conference room.

Expensive and Job Outlook is... (1)

Chibi (232518) | more than 3 years ago | (#32967130)

I remember looking into some Information Assurance type programs a few years ago, as the buzz about this field (especially in the government sector) was beginning to pick up (or at least when I first became aware of it). Some of these programs cost about $50,000 USD a year. It was just too expensive in my eyes. Perhaps that's just become the cost of private higher education, but that doesn't make it easier to accept. I don't recall what the starting salaries for these types of specialists were, though.

The other concern I'd have is that a lot of organizations receiving security audits would probably not be too cooperative. We all know that government work isn't always the most attractive, and one of the challenges they face are attracting people to interesting work, not being trapped for years in a political maze.

Perhaps high enough salaries can attract more talent, but they'd still lose out on plenty of people because of the environment. And having worked in Federal IT for a bit, it's a black hole of money and productivity. I'm sure there will be plenty of individuals and companies scrambling for their piece of this pie, but I wonder how much of a difference they'll actually make (besides to their own bottom lines)?

The root of the problem... (3, Insightful)

stagg (1606187) | more than 3 years ago | (#32967156)

...is legal and cultural. The US penalizes innovation and experimentation more than anyone. The US government is responsible for the DMCA and massive efforts to punish people for hacking their own hardware and software, ludicrous prison terms, and so forth. On top of that you have a move away from generic, "hackable" computers to walled garden, Apple style technologies. That kind of culture doesn't really nurture a generation of future hackers. We don't encourage youth people to explore technology, we want them to play by the rules and keep their noses clean. With hacking hardware and software so stubbornly discouraged, it's no wonder that not very many people have the desired skill set.

Many problems (0, Flamebait)

Caerdwyn (829058) | more than 3 years ago | (#32967178)

There are several serious problems at work here.

The first is that highly-talented hacker-types tend to be very libertarian (note the small-L) in their outlook. They believe in doing everything possible to minimize governmental authority and governmental interference in private lives; recent administrations and Congresses/Senates have been dead opposites. The caliber of people that the NSA wants are tuned into what's really going on, and propaganda (meaning; lies) that the government is not spying on US citizens for the political gain of the Capitol Hill gang are not going to be believed. When a prospective employer lies to you, it speaks volumes about the contempt they hold for you and whether they can be trusted. While the NSA may indeed be concerned with protecting Americans without being intrusive, the NSA's masters in the White House and Capitol have no such concerns.

Secondly, THIS administration has shown a willingness to retroactively throw its intelligence officers under the bus in return for political gain. When someone in the intelligence community asks "Is it okay to do [redacted]?" and are told "It's legal and approved"... four years later, they find themselves on trial. When we change administrations, the NEXT administration is going to remember this and roast THIS administration's intelligence officers over open coals. The precedent has been set. Who would ever want to take risks for a nation that holds them in contempt, and be demonized to squeeze a couple more votes out of an ignorant public?

Then there's the pay issue. If someone is good, THAT good, they know they can strike it rich in private industry. While the NSA recruiters at Black Hat say "oh, we'll pay you very well, we want to make sure you're living well enough to be bribe-resistant", they have an east-coast idea of what "good pay" is. Founders of Silicon Valley companies, even in this day and age, are paid mighty well when the exit strategy comes to fruition. That's what the NSA has to compete with, and the bean-counters don't believe it.

Work for evil, burned at the stake for the privilege, for less pay than other options. WHERE DO I SIGN?

Working for the goverment blows (4, Interesting)

malice95 (40013) | more than 3 years ago | (#32967180)

People who are typically drawn to computers are often not very good canidates for the military lifestyle. And to become good at Securing systems or hacking them.. you need be breath, eat and sleep computers (especially hacking them).

Hacking skills are not taught in schools and working for the goverment pays c@rp.. why would someone who spent years developing highly saught after skills work for the latest cyberwarfare agency when they could make big bucks in the private sector.

There are plenty of highly skilled security folks out there "Defend the nation" to. I dont see any real recruitment efforts going on that are worth while.

Well, Duh! (2, Insightful)

Anonymous Coward | more than 3 years ago | (#32967184)

As an educator, specifically a computer science educator in higher education, I have to say that this is a shortage that the US has created. Let's see, if we outsource all IT jobs, and then allow various industry groups to sue the snot out of people based on their IP address; let's tell all potential students that jobs in this area can be done overseas, and that there is no reason to go into this area; let's pay low, low wages, and accept low-quality work from people who rose through the ranks due to politics rather than ability; let's reward people for paper certificates that they obtained through cram sessions and cheat sheets; let's do everything within our power to make this an unattractive field of study. And now, when bright, curious, intelligent people are needed in this field, let's wonder why they're not there.

Cynicism - the last refuge of those people who want to simply say, "Well, duh!"

Skills and knowledge AND... (5, Insightful)

terrahertz (911030) | more than 3 years ago | (#32967190)

In part, it's due to a severe shortage of computer security specialists and engineers with the skills and knowledge necessary to do battle against would-be adversaries.

Based on my own experience, I would argue that there is a severe shortage of computer security specialists and engineers with the skills and knowledge and desire to do battle against would-be adversaries. Whether it's a personal financial concern or a personal ethical concern, there are lots of great reasons for skilled and knowledgeable experts to seek employment elsewhere.

Poor Recruiting (2, Interesting)

Rob Riggs (6418) | more than 3 years ago | (#32967202)

Where are the recruiting posters, TV spots, and in-game adverts? I know the Marines and Army are looking. Where the heck does one sign up for cyber-warrior boot camp? What's the web site, email address or 1-800 number? Even the article leaves out that information. What a missed opportunity.

Hint: hire a marketing team first.

That's Not What's Doing It (1)

Greyfox (87712) | more than 3 years ago | (#32967238)

The problem is a culture of insecurity that is pervasive throughout the entire country. Corporate entities do the bare minimum required by law to enforce security "standards". Government contractors don't seem to take security into account any more than they have to either.

I worked at Data General for a while, on their B2 secure UNIX. My job was to audit functions in the C standard library for unexpected side-effects. I have never seen another company that pays that sort of attention to security. Data General's selling point was a secure platform, and they ended up going out of business and being purchased and gutted by IBM.

It would take a lot of work to actually mandate that the culture change for the entire government and private companies that build infrastructure components. Much easier to just pin the blame on a "lack of hackers." We'll know we're moving in the right direction when a exploit is released and a company fixes it immediately instead of blaming the people who found the exploit for releasing it.

Culture (1)

codepunk (167897) | more than 3 years ago | (#32967246)

The culture (wage,work environment, hiring, management) is all wrong to attract true talent. I would really have to be hard pressed for work to consider a government job.

The army you wish you had... (1)

Akido37 (1473009) | more than 3 years ago | (#32967272)

'We don't have sufficiently bright people moving into this field to support those national security objectives as we move forward in time,'

All we have are a bunch of morons here.

Working on the wrong tasks (2, Interesting)

clyde_cadiddlehopper (1052112) | more than 3 years ago | (#32967294)

More than 850,000 people in the US hold Top Secret clearance. There are a lot of "sufficiently bright" technologists at NSA, CIA, DOD, etc and their contractors. Perhaps the issue is more one of priority than spending?

here you go, folks. free code. (1)

swschrad (312009) | more than 3 years ago | (#32967312)

if (ugly or terrorist or other_party or undesireable)

then (set off required little bomb in computer)

endif

you're welcome. the definitions table is up to you.

Impossible art.. (0)

Anonymous Coward | more than 3 years ago | (#32967322)

You can't get into this field legally because of the DMCA...

YouTube (1)

nOw2 (1531357) | more than 3 years ago | (#32967442)

Could it be because they're recruiting from the wrong place?

All the keyboard warriors seem to have moved to the YouTube comments section. If they're still recruiting Internet hardmen from Usenet then they'll not be getting the best.

Not enough incentive (2, Interesting)

EarlyMorningHours (1860500) | more than 3 years ago | (#32967482)

I work for a local government agency and have over 20 years experience in IT, with almost 10 in security. Due to a "small world" situation, my name came across the desk of someone at the FBI. I was informally asked what level of interest I would have working for them. I asked the guy several questions and came away with the following: Take a substantial pay cut, move my family over 400 miles away from most of our relatives, forfeit the retirement at my current employer, go through the FBI academy (no desire to go through another boot camp at my age). About the only upshot to the whole thing would be some good training. I'm sure there are jobs with other federal agencies, but I imagine that except for the academy, all of the other negatives apply. The thing that got me about this is that my skills are nowhere in the ballpark of what I imagine should be the skillset for this type of job. Maybe they're targeting people that they feel can be groomed into the position, but it seems to me that if they're going to take the issue seriously, they would be going for some top dogs and offering some real incentives to those people.

The enemy is not who you think they are. (3, Insightful)

vlm (69642) | more than 3 years ago | (#32967518)

necessary to do battle against would-be adversaries. The protection of US computer systems essentially requires an army of cyberwarriors

Who is the enemy? If you think its a nebulous "them", then you're wrong, its us.

"security" where I work is primarily focused on giving as many employees parking tickets as possible, monitoring our every move (although car breakins are of course not monitored), protecting the company from downsized employees, and generally being bullies.

I can assure you that "leet cyberwarriors" are not going to be used against enemy nation of the week, but against Americans. Against people with the mistaken idea they live in a free country. Against anyone standing in the way of the big corporations that pay for our elections. Against anyone whom does not understand they exist to serve the govt, not the other way around.

Hackers in uniform??!! (1)

BangaIorean (1848966) | more than 3 years ago | (#32967520)

Hackers, in general, tend to detest interference and authority. Hard to think of hackers in a top secret Government agency taking orders and working 9AM to 5PM, in an extremely straitjacketed environment. More importantly, I'm guessing the wages wouldn't be great

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...