The intersection of cybersecurity policy and intelligence community ambitions presents a paradox that deserves careful examination. On one side stands the legitimate need to defend national and commercial digital infrastructure. On the other lies a surveillance apparatus that has repeatedly demonstrated its willingness to operate beyond constitutional boundaries, often under the cover of the very cybersecurity mandate it claims to serve.
The Proposal to Recruit Criminal Hackers
John Arquilla, the U.S. Naval Postgraduate School professor who coined the term “cyberwarfare,” publicly argued that the United States should stop aggressively prosecuting hackers and instead recruit them into military and intelligence roles. He described the government’s approach as counterproductive, suggesting it had poisoned the relationship between federal agencies and the hacker community while squandering potentially valuable talent.
The idea had surface-level appeal. Redirecting skills used for criminal purposes toward defensive or strategic objectives is a concept with historical precedent. Governments have long sought to convert poachers into gamekeepers when specialized expertise was needed.
The Problem With the Enterprise Itself
The difficulty with this proposal was not the hackers themselves but the institutional framework they would be entering. A significant and growing portion of U.S. cybersecurity operations had expanded beyond defending against external threats and into domestic surveillance of American citizens. This was not speculation but established fact, confirmed through the disclosures of multiple whistleblowers, including revelations about the NSA’s warrantless wiretapping program.
The attitude driving this expansion was captured in a 2001 paper by former USAF Lt. Col. George A. Crawford, who wrote that information operations personnel, including those conducting psychological operations, deception, and computer network operations, were critical for strategic success. He acknowledged that the public and media viewed government-sponsored information efforts with suspicion and concluded that “these efforts must take place away from public eyes.”
Crawford later served on the board of Archimedes Global, one of numerous intelligence contracting firms providing information operations services to government agencies.
Cybersecurity as a Dual-Use Tool
The core challenge was that “cybersecurity” had become a term encompassing two fundamentally different activities. The first was genuine defense of networks, data, and critical infrastructure against foreign adversaries, criminal organizations, and other legitimate threats. The second was the expansion of surveillance capabilities directed inward at domestic populations.
The proportions of these two categories remained opaque by design. Intelligence officials had both the incentive and the authority to classify details that might reveal how much of the cybersecurity apparatus was oriented toward monitoring citizens rather than protecting them.
Power, Money, and Institutional Momentum
The expansion of surveillance-oriented cybersecurity operations was driven by powerful institutional incentives. The intelligence contracting industry represented billions of dollars in revenue. Agencies that demonstrated growing capabilities secured larger budgets. And the legal frameworks governing these activities had been steadily weakened through legislation and secret legal interpretations that stretched constitutional protections to their breaking point.
The question of whether to recruit talented hackers into this system became less about the individuals and more about the system they would serve. Introducing skilled operators into an apparatus already prone to overreach risked accelerating the very trends that civil liberties advocates had been warning about since the early days of the digital surveillance era.
