Former LulzSec Member Employed by Payment Security Vendor

Former LulzSec Member Employed by Payment Security Vendor

Former LulzSec member “tFlow” has been hired by payments and cyber security group Secure Trading as an advisor.

Under his real name Mustafa Al Bassam, he will act as a security advisor on the company’s technology and services, including its new blockchain research project codenamed ‘Trustery’, which aims to commercialise blockchain technologies to improve the visibility and security of online payments.

Al Bassam will join the company part-time while continuing his computer science degree at King’s College London, he was approached to help the company develop and commercialise next generation payment innovations such as Bitcoin and blockchain.

As tFlow, Al Bassam was in charge of maintenance and security of the group's website and was 16 at the of his arrest in July 2011.

“Working with Secure Trading I want to develop tools to make online payments safer,” he said. “The financial services industry has traditionally been a few years behind the curve when it comes to security practices. Secure Trading is trying to get ahead with blockchain technology and create modern, secure and fit for purpose services for its customers.”

Kobus Paulsen, Chairman of Secure Trading, said: “There are very few experts in blockchain technology, and we’re very lucky to have Mustafa on board. By developing this project we hope to use his skills and create technology to help make the world of ecommerce safer for thousands of customers.”

In an email to Infosecurity, Adrian Davis, Managing Director, EMEA (ISC)2 said that while hiring at all levels is difficult, but individuals running organisations must judge the moral and ethical issues associated with hiring ex-criminals.

“My central concern with these kinds of appointments is the impression they give of our profession as being about ‘rock star technical gurus’,” he said.

“Often these kinds of appointments are made for marketing value as much as they are for the talent. As a profession – and one that is trying to address the skills gap across the breadth of needs – it’s an image that runs counter to our objectives, blurring the effort to attract the range of talent we need to protect our society and economy. Our latest Global Information Security Workforce Study shows that 46% of companies require more security analysts, as well as the need for a variety of skills far beyond the limited ones gained from malicious hacking activity.”

He is not the first LulzSec member to aid in the white hat side of the industry, as Ryan Ackroyd (Kayla) recently helped the NCA on their ‘#cyberchoices’ campaign with a video.

Nigel Harrison, Director of Business Engagement at the Cyber Security Challenge UK, said that the appointment will undoubtedly raise some eyebrows, but there is a well-known phrase about 'poacher turning gamekeeper'.

“Whilst cyber-crime is not a victimless crime, we do need to support rehabilitation and the principle of giving people a second chance,” he said. “But we should not lose sight of the fact that the best way into a well-paid job in this sector is by staying on the right side of the law and not to start out with a criminal record. Initiatives such as Cyber Security Challenge UK are here to support talented individuals to find such careers and inspire others to make the right study choices.

“At the end of the day, companies are ultimately responsible for their own security stance; recruitment decisions are a matter for individual organisations and have to be made for the benefit of the company, their shareholders and their clients/customers. I wish Mustafa Al-Bassam and Secure Trading every success."

Source: Information Security Magazine