Security industry hits out at 'ethical' hackers

NEWS UK security vendors have reacted angrily to the news that a group of the world's most experienced hackers have joined forces to launch their own company. At last week's InfoSecurity exhibition in London, cyber activist Kent Browne said that the group of ten hackers will "change the face of security as we know it". However, that claim has angered many in the industry. Kevin Street, technical manager at Symantec, said he would refuse to do business with the hackers. "Would you hire a thief to protect your house?" he said. "These people have earned their reputation proudly breaking into systems. Now you're automatically going to have to trust them because you're paying them money for a service? There's a bit of strangeness in that." Graham Cluely, senior technical consultant at anti-virus vendor Sophos, said the group may find it hard to be accepted in the marketplace. He said: "They may find they need to act in a more corporate way." "Who is going to buy software from someone who hides behind a pseudonym like 'Shrieking Radish' or 'Colostomy BagBoy' rather than a real name?" Cluely added. Michael Bacon, MD of SNCI Consulting, claimed the company wouldn't be a threat to established security vendors. "While the hackers undoubtedly have the expertise, this is often no more expertise than many legitimate security professionals." Bacon added: "My worry is 'once a hacker, always a hacker'. How content will people be to give hackers access to their systems?" But the negative reaction from vendors is unlikely to discourage the group. Sir Dystic, author of the infamous Back Orifice program and member of hacker group The Cult of the Dead Cow, told Silicon.com that hackers were already prevalent in the industry. Dystic said: "The industry does use hackers. Right now most of the large security firms and a lot of the small ones are almost entirely staffed by hackers whether they like it or not - and whether they know it or not."