1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Germany's young hacker recruits

Lewis Sanders IV
March 21, 2017

The BND, Germany's foreign intelligence agency, has directed a recruitment campaign for budding digital forensics analysts. But who are they looking for? DW examines the recruitment process.

The BND logo pictured at the 60th anniversary of the founding of the intelligence agency in Berlin
Image: picture-alliance/dpa/H. Hanschke

Amid concerns of high-profile cyberattacks and disinformation campaigns ahead of key parliamentary elections in September, Germany's Federal Intelligence Agency (BND) has made a concerted effort to recruit young hackers.

The BND's mission includes obtaining intelligence as mandated by the federal government on key areas pertaining to foreign information, and it effectively aims to protect Germany and its interests. One of the tasks is to recognize and assess potentially-damaging espionage activities and prevent or minimize the fallout.

As Western nations rush to modernize their cyber defense policy, the BND is prominently soliciting applications on its website for digital and computer forensics experts, with the catchline "Sherlock Holmes in cyberspace: BND seeks digital forensics analysts."

Their ideal candidate's qualifications range from experience in reverse engineering to programming software relevant to "information generation" mobile platforms, according to job posts for cyber infrastructure specialists and computer scientists.

But besides prominent placement of job postings on their website, what else does the recruitment process entail?

Forensics challenge

An allied intelligence agency has requested assistance from the BND. Hackers infiltrated a web server of a state insurance company. The attackers changed the root password of the server, effectively giving them full rights.

They also stored data in a protected directory. Although an administrator tried to create a new root password, that person failed to do so. How did the hackers originally get into the network without console access to the system?

That's one part of a forensics challenge would-be BND candidates are expected to undertake, respond to and evaluate. In order to complete the application process, they are required to attach their technical responses to the scenario, answering questions that include what kind of data did the hackers store on the server and what vulnerabilities did they exploit.

Dominik Herrmann, visiting professor of information security management at Siegen University and post-doctoral researcher at Hamburg University, told DW that the recruitment exercise focused on "classical security-related programming and configuration errors."

"None of it is surprising. All of it is very basic stuff, which is also taught in our university courses," Herrmann said. In fact, one of his students completed the challenge.

Russian cyberespionage comes to Germany

'Off-the-shelf' recruits

The BND uses these scenarios not only to gauge their prospective employees' digital forensics capabilities, but to also put them in pragmatic situations.

However, Herrmann told DW that the most security and forensics experts familiar with Linux environments, an open-source operating system, "should have no problem solving the challenge."

"The challenge gives no hints of any special qualifications needed that differ from what is needed in a corporate role," Herrmann said.

"They appear to be looking for 'off-the-shelf' software security engineers. This is exactly the same profile that is sought by corporations in the security sector, for instance, intrusion detection and anti-virus vendors," he added.

Others recruit differently

Earlier this month, the US Department of Justice charged two Russian intelligence officers and two criminal hackers accused of stealing information from at least 500 million Yahoo accounts.

The plot twist is that the intelligence officers, Dmitry Aleksandroyich and Igor Anatolyevich Suschin, recruited Alexsey Alexseyevich Belan in 2013 upon returning to Russia after being arrested in Europe and escaping extradition to the US. Belan was on the FBI's Cyber Most Wanted criminals list.

"Instead of acting on the US government's Red Notice and detaining Belan after his return, Dokuchaev and Sushchin subsequently used him to gain unauthorized access to Yahoo's network," the DOJ said in a statement.

Questions of cybersecurity and defense have recently made it to the forefront of political discourse in the wake of allegations that Moscow tampered with the US presidential election in support of Donald Trump's campaign, prompting fears among German officials of a repeat ahead of September's Bundestag elections.

Risks: Limiting competency

Whether the BND's latest recruitment campaign stems from a new directive remains a mystery to those outside the organization and the federal government. However, their push in the domain of digital forensics is noteworthy in an environment of growing security threats.

But Herrman told DW that despite the challenges posed by the BND's scenario, other intelligence agencies' challenges are purportedly more difficult, such as the UK's GCHQ.

"Its difficulty is on an introductory to intermediary level, which is understandable, because the BND probably doesn't get many applications, so they likely don't want to turn away potential candidates," Herrmann said.

"On the other hand, if the BND recruits only engineers with this level of knowledge, they risk limiting their competency considerably," he added.