Hacking Their Way to a Job?

"In my opinion, he could have stored the user information on their profiles but he didn't," Rowland said. "He didn't use it to steal personal information."

By hiring Mooney, Rowland isn't only getting new talent but publicized talent, "and I think that's a good thing for our company," he said.

Although some companies might be wary of hiring a rogue programmer, Rowland said he himself could have fallen in a similar category. Now 24 years old, he started programming in his teens.

He couldn't disclose many details but said he once worked in military intelligence and "landed that position in a similar fashion." He said he couldn't disclose what agency he worked for or any other details.

Hacker Have Valuable Skills

And Rowland and Mooney have company.

Just last month, a New Zealand teenager, Owen Thor Walker, who helped a crime gang hack into more than 1 million computers worldwide and skim millions of dollars from bank accounts, landed a job as a security consultant for a telecom company, The Associated Press reported.

In hiring Walker, the company said Thor had the skills that senior executives needed to understand security threats.

And one of the most notorious hackers of all time, Kevin Mitnick, was just 17 when he was first arrested for computer crime.

He broke into computer systems at Novell, Motorola, Sun, Fujitsu and other firms, stealing their software and crashing their machines. He was caught, for the last time, in 1995.

He served four years but now runs his own computer security firm and has written two books including "The Art of Intrusion."

Highly-Publicized Hacking Stories Not the Norm

But many computer security experts caution that these examples aren't the norm.

"Anybody that would release any kind of thing into the wild is not someone we'd ever want to be associated with," said Kevin Haley, the director of security firm Symantec's security response team.

He told ABCNews.com that while security firms obviously look for smart people who understand what unlawful hackers do, there's no need to actually let a worm go out into the wild.

Chris Boyd, the director of malware research for FaceTime, a Belmont, Calif. IT security, management and compliance company, said if young programmers like Mooney spot flaws, there are better ways of alerting companies than exploiting them to make a point.

"Part of security research -- part and parcel of it -- is that companies will ignore you when you bring [flaws] to their attention," he said. "It takes time. If he doesn't want to deal with that, maybe this isn't the field for him."

Yet there are hundreds of thousands of teenagers wreaking all kinds of havoc online, he said, and the ecosystem that supports their Internet mischief rewards illicit hacking.

"There is something that's being perpetuated -- if you go on any number of teen hack forums, there's a section on there that lists the top ten hackers that ever lived. Quite a few of those guys made their ways into a respectable living," Boyd said.

Black Hat Route Is a Myth

But by no means, he emphasized, is the recommended or most effective route. Of the hundreds of people he knows in the security world, none were ever black hats. (In computing lingo, black hats are those who penetrate computers without authorization for profit, fun or protest. White hats, sometimes called "ethical hackers," are computer security professionals hired by companies whose intent is to keep computers and networks safe.)

  • 1
  • |
  • 2
  • |
  • 3
Join the Discussion
blog comments powered by Disqus
You Might Also Like...