Microsoft on Hackers: If you can’t beat them hire them

In the past several weeks there have been many high profile websites which have been hacked. Sony, Sega, and Citigroup have all had their security breached and because of their lack of security, and possible lack of knowledge on how to secure their sites, some 140 million people around the world have had their personal information stolen.

Microsoft can now be added the list of high profile companies who have been hacked. Microsofts Xbox Live service recently came under attack, but instead of taking legal action against the culprit like the other companies listed have done, Microsoft done something quite different.

Age is nothing but a number

Xbox Live is one of the largest gaming networks in the world. Millions of people play their games online over the service and the potential for loss is staggering. If someone hacked into Microsoft servers they would have access to tens of millions of user accounts.

In May of this year, someone did the unthinkable and they gained access to the largest online gaming network in the world. The hacker gained access to Xbox servers through a fault found in the popular Call of Duty: Modern Warfare 2 game, and while the hacker had access to millions of accounts, they decided to do nothing with that information. It seems as though the hacker was just playing around to see if it could be done. Obviously Microsoft did not see the funny side of things, especially as a similar attack rendered the Sony Playstation Network useless for 6 weeks.

Microsoft started their investigation into the security breach and quickly found the hacker. Their search led them to Dublin, Ireland. When they arrived at the house of the attacker Microsoft officials were stunned to find out that their hacker was just 14 years old.

A different approach

Sony’s troubles started after they went after their hacker through legal channels. The hacking world was so angry at Sony’s legal pursuit that a group set out to destroy its network, and they succeeded. Having learnt from the Sony fiasco, Microsoft decided to go about things in a different way.

The general manager for Microsoft in Ireland revealed during a keynote speech that the Xbox Live network had been hacked and that Microsoft were alarmed at how quickly the 14 year old broke through their defenses. Microsoft obviously knew that someone who had the skills to hack their servers could have something to offer, so they decided that they would offer the youngster an internship so that they could help him develop his skills, and find out how he hacked the servers so that they could fix the weak security.

If you can’t beat them join them

I often wonder why more major companies do not offer hackers jobs. Obviously they have the skills needed to break down their defenses, which in turn means they have the knowledge and skills needed to make their security much tougher to break.

I like Microsofts approach of if you cannot beat them, hire them. Microsoft has made a name for itself in the hacking world for embracing hackers rather than fighting them off. After a group called Chevron hacked, and jailbroke their new smartphone operating system Windows Phone 7, they decided to work alongside the group so that the hacking community could help Microsoft understand how they do what they do, and now it seems as if they are doing the same when it comes to Xbox Live.

Companies could get their hands on some of the most gifted software developers around if they hired people from the hacking community. At the end of the day if it means that online security could be improved I cannot see the harm in hiring those who once set out to cause havoc.

This guest post is by Brett Day,  from Moore, Oklahoma. He is a featured contributor for Yahoo! Contributor Network in Technology. He has a huge interest in the world of technology, home theater, and video games. Brett loves writing and sharing his knowledge on all of these subjects.