The teenage hackers who've been given a second chance By Chris Quevatre

BBC News Online Published duration 3 April 2019

image copyright Getty Images

Step inside the offices of Bluescreen and you'll find some of the UK's most talented young hackers, dragged from a world of crime to fight for the other side.

These computer experts have swapped the confines of their bedrooms for a fairly ordinary looking cyber-security company in Plymouth.

Bluescreen employs hackers the authorities have deemed worthy of a second chance, who pit their wits against some of the anonymous online criminals they used to see as brothers in arms.

image caption Jack stole personal information from thousands of people

When Jack was 19 years old, the police sent five squad cars, a tech team and a riot van to his home.

"It was about 08:10 in the morning. I'd had the most awful night's sleep and I'd just started watching The Lion King.

"It didn't even get past the intro before my bedroom door flew open and 10 police officers came in to arrest me.

"I was not expecting that on any day of my life."

The police were there for a good reason: when he was 16, Jack had stolen personal information from about 1,000 people.

He told police he'd never had any intention of using it for his own gain; to him, it was just an intellectual exercise.

Stories like this are not uncommon at Bluescreen IT, which has a direct link with the police to find hackers in need of direction.

These are young men who have been accused of serious crimes, but instead of being taken through the criminal justice system, they've been given a second chance.

About 15 people work in the Security Operations Centre, a handful of whom have been referred to the company as hackers who aren't malicious in nature and are deemed capable of reform.

image caption Cameron launched cyber attacks, and was caught by the National Crime Agency

Another employee, Cameron, was arrested on his way to school when he was just 14 years old.

Officers from the National Crime Agency had planned the sting so that Cameron would be out of the house, and unable to destroy his hard drives in the event he heard them coming.

"Up to that point my biggest worry was that I hadn't done my maths homework," he said.

"I was walking to school when I heard my name being called. I turned round and there was a man in a suit walking behind me.

"Then I heard him say my name louder, so I turned around and said 'yeah?' and that's when he told me I was under arrest.

"I turned around and there were five more officers spread out across the grass.

"I just didn't realise that what I'd done was that serious. It was all just one big joke - messing around - it never seemed like I was actually causing any real harm. I soon found out how serious it was."

"Grey hat hackers" like Jack and Cameron are seen as having committed their crimes for reasons that weren't to do with personal gain or cyber-terrorism. Sometimes it might have been a practical joke, or perhaps the motive was to launch a server-debilitating attack.

Now they try to stop others - using the methods they once employed - from wreaking the same havoc.

image copyright Getty Images

Hackers' hats

White hat hackers - These are the nice guys of the hacking world. They know what they're doing and they use their talents for good, such as getting rid of viruses or legitimately testing the security systems of companies and governments.

Black hat hackers - The bad guys. They're the ones who steal your bank details and sell them on the dark web. They usually hack for personal gain, although it could be some form of cyber-espionage or protest.

Grey hat hackers - Somewhere in between. They might hack a company without permission, only to point out the flaws without exploiting them. What they're doing is still illegal.

The route into a life of hacking isn't always the same, but a lot of the stories are similar, and they often start with gaming.

When he was younger, Cameron liked to tinker with things to see how they worked.

"I didn't like my high scores being beaten in video games - I always had to be the best at them."

He started making "mods" to video games - changes to the code that enabled him to get higher scores - which he said led him to online forums, and then darker areas of the internet.

"I ended up launching cyber attacks, and was later caught by the National Crime Agency," Cameron said.

You may also be interested in:

image caption The team at Bluescreen has some big personalities, and people from vastly different backgrounds

For Jack, now 23, it was his "laziness" that led him into the world of computing.

"I was 12. We'd just started doing algebra, but I didn't want to do it.

"I went home and tried to make a calculator for algebra. It didn't really go well, but that is my earliest memory of that side of things.

"I was trying to cut corners any way I could. Rather than studying, I would try and make it look like I was studying and doing well.

"I'd be failing in all my classes but pull it out of the bag at the last minute. After a while the school had had enough of me.

"I got my five GCSEs in Year 10 and then the school expelled me."

Just four years after his arrest, Jack is now working at an advanced level, carrying out processes like penetration testing - trying to break into clients' servers to find weaknesses.

He and Cameron, now 19, also defend against incoming attacks - an area where their hacking experience comes in handy.

image caption Det Sgt John Atkin found himself attending the same course as Cameron, who he arrested in 2014

One of the more surreal moments in Cameron's first year at Bluescreen was going on the same course as the police officer who had arrested him in 2014.

Det Sgt John Atkin from the South West Regional Cyber Crime Unit was attending a Bluescreen security course as part of his own professional development.

Cameron said: "It's unbelievable - what are the chances of that?

"I never would've thought when he was arresting me as a 14-year-old kid, that we'd one day be on the same course.

"There's an element of learning from each other now. Whenever something comes up in forensics he's the man to explain it best; we're lucky to have him there.

"And then for the attacks I can explain it better.

"We always got along, but I don't think John appreciated much of what I did."

Det Sgt Atkin has "no problem" meeting the hackers he's arrested because the whole point of the police Cyber Futures programme is to "try and develop people".

"What you can see here is that by working with Cameron and his family, and providing the support and knowledge we have, we're able to deliver and put him in a place where his future is set, rather than where he could have been.

"Cameron's a good kid so he's doing really well; the future's bright for him. Hopefully, he'll take this forward and then the world's his oyster."

image caption The Security Operations Centre is where the analysts defend incoming attacks

There's a relaxed atmosphere when you walk into the Security Operations Centre, but it's serious work.

Three monitors on the wall detail which of Bluescreen's clients are being attacked, and how serious the threat is.

The clients, mostly smaller and medium-sized businesses from around the South West, are given codenames like "Black Mamba" or "Green Starfish" - usually a colour and an animal.

The business has just won part of a £500,000 grant from the Department of Culture, Media and Sport to encourage more diverse candidates into cyber-security jobs, meaning it can keep growing, and potentially take on more former hackers.

As apprentices, employees like Jack and Cameron start on a wage of about £650 a month, but after five years of experience they could easily be earning close to £50,000 a year.

But for some reformed hackers, moving into a professional environment can be a big adjustment: even getting out of bed on time is sometimes a bit of a struggle for young men used to working unsupervised, to their own schedule and their own rules.

Now they must do regular office hours as part of a team dedicated to protecting the interests of the company's clients.

image copyright Getty Images image caption Adjusting to a nine-to-five job isn't always easy for Bluescreen's former hackers

It's not just a challenge for the new recruits: some of the hackers who arrive at Bluescreen are autistic, which isn't something that management have had much experience of dealing with.

"It's been a really hard journey for us and a massive learning curve," said the company's chief operating officer, Richard Cashmore.

"We've had to adapt how we manage people - if they need to work in a certain space, we'll go and do that.

"It's about give and take - we can't bend over too far for them because we need them to be employable, but we meet in the middle."

Bluescreen sees itself as a place to develop young people, give them a second chance, and be a haven for those with nowhere else to go.

"It makes me really proud when they achieve industry-recognised qualifications," said Mr Cashmore.