Should You Hire A Convicted Hacker?

What happens when hackers who have served time in prison or home confinement are released? The very skills that can land them behind bars are skills they share with high-achieving, law-abiding IT security professionals. But convicted hackers looking for legitimate employment are not necessarily finding it in the enterprise.

Witness Kevin Mitnick, cult hero for the computer kids and now a star of the lecture circuit. Or take Robert Tappan Morris, who unleashed the first-ever Internet worm in the 1980s. After serving probation, he became a tenured professor at MIT with a specialty in network architecture. Meanwhile, Kevin Poulsen, arrested for hacking federal systems, served five years, then made his name as a security researcher at SecurityFocus, before becoming a Wired News editor. (In his free time, Poulsen recently began mashing together public records and MySpace pages to track down sex offenders misbehaving online, which resulted in a related arrest.) On a similar note, after house arrest and probation for breaking into The New York Times intranet, Adrian Lamo turned journalist.

Their numbers are growing. The Department of Justice reports substantial increases in federal investigations and prosecutions of intellectual property (IP) violations. In FY2007, 287 defendants were sentenced for IP crimes, representing a 35 percent increase over FY2006 (213) and a 92 percent increase over FY2005 (149).