New Zealand telco denies hiring botnet operator arrested in FBI-led operation
Walker pleaded guilty to infecting more than 1M computers
Computerworld - One of New Zealand's largest telecommunications companies is downplaying reports that it hired as a security consultant a teenager who was arrested in 2007 after an FBI-led investigation fingered him as the operator of a massive international botnet operation.
Chris Mirams, a spokesman for Auckland-based TelstraClear Ltd., yesterday said the company had asked Owen Walker to be a speaker at two customer seminars last October and November. Walker's image was also used in a targeted advertising campaign for TelstraClear's DMZ Global security unit, Mirams said.
But apart from that contract, which lasted "approximately two months," TelstraClear has not engaged Walker in any other capacity, Mirams said. "He was contracted for those duties only and was not, and is not, a full-time employee," Mirams said in an e-mail.
Walker, 19, was one of those arrested in the second phase of the FBI's Operation Bot Roast aimed at taking down botnets worldwide. Walker was accused of running a network including more than 1.2 million infected computers that was used by cybercrooks to steal millions of dollars from banks worldwide.
Among those arrested in the operation was Ryan Goldstein, a native of Ambler, Pa., who was charged with using the botnet run by Walker to launch distributed denial-of-service attacks against the University of Pennsylvania and several Internet Relay Chat groups.
Walker, whose online handle was "AKILL," admitted to making about $30,000 from his operations. He pleaded guilty last year and was fined $14,000 by a New Zealand court.
Earlier this week, an Associated Press story said that Walker had been given a "new job" as a consultant at TelstraClear. The story generated scores of other news media reports and blog posts, many of which suggested that Walker had been hired by TelstraClear as a consultant to help advise the company on dealing with botnets and other threats.
Mirams, however, downplayed any suggestions that Walker had been offered anything more than a speaking engagement on behalf of TelstraClear. "He has not presented any seminars to TelstraClear staff, used any computer equipment or had access to our network," he said.
Mirams said feedback the company received from customers who attended Walker's presentation was very positive. "They found the information he provided a valuable insight," he said. Mirams added that prior to contracting Walker for the speeches, TelstraClear consulted with his police case officer, who had offered positive feedback. The company also read both the judge's and Walker's probation service reports that were filed with the court, Mirams said.
"We also spoke with Owen and his mother about how he felt about the activities that led to court and what he wanted to do going forward," Mirams said. "He reiterated what the probation report stated, that he realized what he had done and was sorry for it. Owen told us he wanted to help New Zealand businesses protect themselves against such activity," Mirams said.
What to do with convicted hackers after they have served time or paid their debt to society has been a matter of debate.
Just recently, the CEO of a search engine company who hired a convicted botnet leader stoutly defended his decision. Jason Calacanis, founder and CEO of start-up Mahalo.com Inc., claimed he had hired John Schiefer without knowing that Schiefer was awaiting sentencing after pleading guilty to four felony counts involving computer crimes. Calacanis said he decided to stick with Schiefer even after discovering his past and would rehire him when he finishes his four-year prison term.
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!