The U.S. government has a problem with hackers—but not the kind you think. The problem I refer to is Uncle Sam’s reputation of hostility towards hackers, which makes it difficult to hire the sort of people the country needs to tighten up its sprawling computer networks.
I discovered this firsthand by polling hackers and security experts in San Francisco this week, asking if any of them would ever consider working for the government. In a room of hundreds of people, fewer than ten hands went up.
That’s bad news because the crowd, who was attending an event by the bug bounty firm HackerOne, are exactly the sort of people the government needs: Smart and creative technologists who are well versed in hacker culture, and capable of protecting the U.S. from cyber attacks on its websites and infrastructure.
Their reluctance to join the government is two-fold. The first reason stems from long-running mistrust over the government’s persecution of hackers like Aaron Swartz, a young genius who uploaded academic journals from MIT, and Samy Kamkar, who faced a lengthy criminal ordeal over a caper involving the social network MySpace (which he related in humorous detail to the HackerOne crowd).
The government’s second hiring challenge is more prosaic. Namely, talented hackers don’t want to trade in plush positions and big bucks at cool technology companies to work for an average salary in the unglamorous world of the civil service.
Fortunately, not everyone feels this way. One example is Mike Chung, a former manager at Apple who left to help lead the Digital Defense Service, and run programs like “Hack the Pentagon” and “Hack the Airforce,” which offer cash prizes to hackers who find vulnerabilities in military software. Another is Jacob Kaplan-Moss who used to direct security at Heroku but now works for 18F, a government agency that’s helping the likes of the IRS harden its computer defenses.
At the HackerOne event, both men said their work comes with a sense of mission missing from many corporate jobs, and also described the sweeping impact a hacker can make inside the government. They also made the case that Uncle Sam is overcoming its aversion to hackers, and recognizing it needs to accommodate their culture.
Their pitch was persuasive, and even led some young hackers to ask Chung and Kaplan-Moss how to get involved with the government. While many in the room remained skeptical, the good news is that the government appears to recognize they need a few good hackers—and might even do what it takes to get them.