{"id":8293,"date":"2015-05-15T10:10:25","date_gmt":"2015-05-15T14:10:25","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8293"},"modified":"2015-05-15T10:10:25","modified_gmt":"2015-05-15T14:10:25","slug":"uk-spy-agency-says-to-hackers-come-work-for-us","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/05\/15\/uk-spy-agency-says-to-hackers-come-work-for-us\/","title":{"rendered":"UK spy agency says to hackers: Come work for us"},"content":{"rendered":"<p>The UK government surveillance agency GCHQ needs more hackers. The normally secretive agency has taken the unusual step of posting a job advert &#8211; and a press release &#8211; about its hunt for IT security staff.<\/p>\n<p>It&#8217;s the first time GCHQ has openly recruited for what it describes as &#8216;computer network operations specialists&#8217;.<\/p>\n<p>The job description throws a little more light on the role: &#8220;In cyber security roles, our operations specialists may find themselves working in a team, or seeking to defend government systems against criminals seeking to steal information, identities or money,&#8221; it says.<\/p>\n<p>What&#8217;s particularly interesting is that while the agency is looking for staff to work in cyberdefence &#8211; the relatively standard job of detecting and preventing attempts to attack the UK&#8217;s critical national infrastructure &#8211; it&#8217;s also looking for &#8216;cyber intelligence&#8217; experts who will take a more exotic approach.<\/p>\n<p>&#8220;Cyber intelligence specialists might need to develop software to access the computers of a terrorist group, or carry out operations to retrieve vital online clues about the location and identity of members of an organised crime ring,&#8221; GCHQ said.<\/p>\n<p>We know from the Snowden revelations that GCHQ has a long history of using such techniques. Among other things, it has been accused of involvement in the hacking of SIM maker Gemalto in an attempt to grab encryption keys used for mobile phones, and of launching a distributed denial-of-service attack against Anonymous hacktivists (in both cases GCHQ said all of its work &#8220;is carried out in accordance with a strict legal and policy framework&#8221;).<\/p>\n<p>So why go public now?<\/p>\n<p>Partly it&#8217;s because &#8211; thanks to such news stories and leaks &#8211; everybody now knows that GCHQ does this sort of thing, so there&#8217;s little point in pretending anymore.<\/p>\n<p>GCHQ&#8217;s more public stance is also a reflection of greater openness about the capabilities of the intelligence service: the UK government recently published a set of draft guidelines which lay out how spies can use electronic hacking and bugging devices, in order to provide a legal framework for the activities of the UK&#8217;s security and intelligence agencies at home and abroad.<\/p>\n<p>Some of this openness is a (reluctant) result of Snowden, some of it the result of the gradual maturing in cyberdefence and offensive strategies: for example, the US is being much more open about its cyber capabilities. As a result, these sorts of activities are slowly emerging from the shadows.<\/p>\n<p>Being more open about recruitment could help the agency find candidates who would otherwise be reluctant to apply. That matters because GCHQ is hardly the only organization hiring when it comes to IT security.<\/p>\n<p>There&#8217;s a national and international shortage of security experts, and other recruiters &#8211; like the big banks &#8211; have got much deeper pockets. In contrast, GCHQ is offering a starting salary of \u00a327,913 and you&#8217;ll need to pass security check too.<\/p>\n<p>Admittedly, high-paid corporate jobs in financial services and the like don&#8217;t offer exciting work taking on organised crime but equally they don&#8217;t want you relocate to Cheltenham or Scarborough, either.<\/p>\n<p>All of this means that, for once, even for GCHQ, a bit of publicity can&#8217;t hurt.<\/p>\n<p>via <a href=\"http:\/\/www.zdnet.com\/article\/uk-spy-agency-says-to-hackers-come-work-for-us\/\" target=\"_blank\">UK spy agency says to hackers: Come work for us | ZDNet<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The UK government surveillance agency GCHQ needs more hackers. The normally secretive agency has taken the unusual step of posting [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,10],"tags":[412,453],"class_list":["post-8293","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-gchq","tag-hackers"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-29L","jetpack-related-posts":[{"id":7747,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/03\/03\/security-now-496-your-questions-steves-answers-207\/","url_meta":{"origin":8293,"position":0},"title":"Security Now 496: Your Questions, Steve&#8217;s Answers 207","author":"NCCT","date":"March 3, 2015","format":false,"excerpt":"Hosts: Steve Gibson with Leo Laporte Leo and Steve discuss the week's major security events, including the revelation of the Lenovo crapware \"Superfish,\" the joint GCHQ\/NSA Gemalto attack which rendered cellular phones insecure, and Steve answers more of your questions!","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6649,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/10\/16\/security-firm-discovers-windows-zero-day-claims-russian-hackers-used-it-to-target-nato-ukraine\/","url_meta":{"origin":8293,"position":1},"title":"Security firm discovers Windows zero-day, claims Russian hackers used it to target NATO, Ukraine","author":"NCCT","date":"October 16, 2014","format":false,"excerpt":"A Russian hacking group has been exploiting a security flaw in Microsoft Windows to spy on NATO, the Ukrainian government, the European Union, an American academic organization, and companies in telecommunications and energy sectors, according to cyber intelligence firm iSight Partners. The group, which has been active since at least\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8413,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/06\/16\/us-fears-second-major-breach-exposed-more-employee-data\/","url_meta":{"origin":8293,"position":2},"title":"US fears second major breach exposed more employee data","author":"NCCT","date":"June 16, 2015","format":false,"excerpt":"A second major cyber breach that might reveal far more personal and damaging information appears to have hit the U.S. government\u2019s Office of Personnel Management (OPM). The breach was apparently carried out by hackers with connections to China and targeted a database containing copies of the government\u2019s Standard Form 86,\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7685,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/27\/hackers-impersonating-it-staff-popular-tactic-in-data-breaches-fireeye-finds\/","url_meta":{"origin":8293,"position":3},"title":"Hackers impersonating IT staff popular tactic in data breaches, FireEye finds","author":"NCCT","date":"February 27, 2015","format":false,"excerpt":"Fresh FireEye research suggests that today's cyberattackers are becoming smarter about the systems they seek to break, and are commonly using impersonation and social engineering to tap into the most common weakness in the security chain -- employees. Within FireEye's sixth annual M-trends report, which tracks the threat landscape and\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7030,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/05\/iranian-hackers-have-been-targeting-critical-infrastructure-for-the-last-two-years-says-report\/","url_meta":{"origin":8293,"position":4},"title":"Iranian hackers have been targeting critical infrastructure for the last two years, says report","author":"NCCT","date":"December 5, 2014","format":false,"excerpt":"For the past two years, a Tehran, Iran-based hacker group has breached the computer networks of around 50 of the world's top energy, transport, and infrastructure companies, including 10 US-based firms According to cyber security firm Cylance, the campaign dubbed Operation Cleaver has so far only focused on intelligence gathering,\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6848,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/11\/14\/chinese-hackers-suspected-in-usps-breach-data-on-every-employee-compromised\/","url_meta":{"origin":8293,"position":5},"title":"Chinese hackers suspected in USPS breach, data on every employee compromised","author":"NCCT","date":"November 14, 2014","format":false,"excerpt":"The FBI is investigating a data breach at the U.S. Postal Service in which employees\u2019 personal data may have been compromised. Every person on staff with the Postal Service, from the Postmaster General down to letter carriers, was exposed according to a report from the Washington Post. Sources familiar with\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8293","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8293"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8293\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8293"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8293"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8293"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}