by Chris Bodenner
[Brian Honan, who set up Ireland’s first Computer Emergency Response Team (CERT),] said the real problem around luring talented hackers into law enforcement largely comes down to one thing. And that’s money. “The problem faced by law enforcement agencies, including the FBI, is the salaries that are on offer. Many talented hackers can demand high salaries in the private sector or indeed even more from criminal gangs,” he said.
A sub-£100k ($170k) per annum salary isn’t worth bothering with for many, given a hacker can make that kind of money in one go by selling a zero-day exploit (code that targets unpatched, unknown vulnerabilities in software). It’s down to them whether they want to hand their zero-day to a legitimate exploit broker, who tend to have big contracts with governments and law enforcement anyway, or to a criminal organisation, which could use it for nefarious purposes like stealing money from internet users.