Not enough qualified ‘cyber warriors’?

By Michael Smith (Veshengro)

cyber warriors Many governments around the globe are presently very busy to prepare themselves for a “Cyberwar”. But, apparently, they are here faced with a serious problem and dilemma: they find it extremely difficult to recruit the people with the right Know-How and to retain them on a permanent basis. This problem seems to the not tied to any particular country or groups of countries: it affects the western nations equally as Russia or China.

Apparently there are simply not enough qualified experts according to John Bassett, member of the Royal United Services Institute in London and former leading member of the British Government Communications Headquarters (GCHQ), based in Cheltenham, Gloucestershire. The requirement would be to have ten times as many capable IT-experts as one has presently. Guess hackers are not happy to work for governments, necessarily. They rather do things in their own time at their own pace.

Cyberspace is likely to be a key battleground for states in the 21st century but recruiting those with the technical skills to fight there and retaining their loyalty will be a tough task.

From hacking attacks aimed at information theft and commercial espionage to the Stuxnet computer worm believed to have been designed to attack Iran's nuclear program last year, information warfare is rising rapidly.

Code making and breaking has been a prized skill in the art of espionage since ancient times but the swiftly moving pace of technology and the sometimes erratic personas of those at the cutting edge pose many challenges.

Therefore many countries around the globe are at present busy trying to establish themselves better and stronger in the field of “Cyberwarfare” but recruitment and especially the retention of the right personnel proves a challenge.

While “Hacker Competitions” at universities and also online may make it possible to recruit some experts retaining them is a different story and challenge. Another problem and challenge is that skilled specialists can burn out, be poached by the private sector or can be tempted by criminal or anti-establishment causes. Many of the best may have difficult, sometimes eccentric personalities and some are – sorry for putting that in here – autistic and thus even more difficult to deal with than the rest, which are difficult enough. Geeks are different in their psyche often than are we, ordinary folks.

Governments are very concerned that IT-experts, who for their activities need the highest security clearances and have to be granted those, could turn against their employers. As example they more often than not quote Private Bradley Manning who, so it is claimed, released a great amount of data to the whistleblowing organization “Wikileaks”.

In addition to that the essential skills that governments require for a successful protection of critical infrastructure and also for possible offensive activities, that is to say in order to conduct their own cyber attacks, are getting more and more diverse. Something which does not make recruitment of the proper kind of people any easier.

In order to get some more qualified personnel the British government is testing partnerships with the private sector but the experiment does not seem to be very successful at present and the government is not happy with the results as yet.

Countries such as Russia and China, on the other hand, are trying to recruit semi-independent patriotic hackers for their purposes. That approach has, however, only limited success as the control over such “troops” is still smaller than is the one over military and security service personnel.

It would appear that no one has the right answer here as yet and neither do I, before anyone asks.

Cyber attacks are, obviously, a serious worry but we could counter that easier than the governments would like us to believe.

If we would get away from using computers for everything from controlling cars, electricity generating and -transportation, gas transportation, communication, etc., and put a more or less manual approach back in.

The “smart grid”, for instance, is a problem waiting to happen and it would be rather easy to shut down some or even all power generating plants in a country simply by a cyber attack. Imagine that happening in a nuclear power plant and the cooling being affected. Chernobyl could then look like a walk in the park.

Bring back the human element and that also in other fields.

© 2011