Insight into Hacking Targets: Headhunters Make Slip Ups but the Often Ignore Them
October 7, 2021
I read “Former NSA Hacker Describes Being Recruited for UAE Spy Program.”
Here’s the passage I noted:
There were no red flags because I was so naive. But… there’s a ton of red flags [in retrospect]…. [For example] when you’re in the interview process and you’re talking about defending [the UAE] and … doing tracking of terrorist activity,… but then you’re [being asked] very specific questions about integrated enterprise Windows environments and [how you might hack them]. Guess who doesn’t have those type of networks? Terrorist organizations. So why [is the recruiter] asking these kinds of questions…?
Several observations:
- Perhaps a training program for those exiting certain government work assignments would be helpful? It could be called “Don’t Be Naïve.”
- Gee, what a surprise: Specific questions about hacking integrated enterprise Windows environments. Perhaps Microsoft should think about this statement from the article and adjust its security so that headhunters ask about MacOS, Linux, or Android?
- Does the government’s monitoring of certain former employees need a quick review?
Stephen E Arnold, October 7, 2021