In 2016, a 19-year-old Daniel Kelly faced charges for computer hacking, extortion, and fraud linked to a significant data breach at a British telecom firm, resulting in a four-year prison sentence. Post-release, he has collaborated with over 35 cybersecurity firms to create campaigns and thought leadership pieces.
The reality of digital threats.

As a teenager, gaming dominated my life. I spent upwards of 12 hours daily immersed in it. My focus was entirely on video games, as school didn’t captivate me and my offline social interactions were minimal. Gaming became my world, a means of escape, and my community.

Trouble began around 2011 or 2012 when I was competing in an online multiplayer game and experienced a sudden internet disconnection just before the match. It turned out that my opponent had managed to trace my IP address and launched a Distributed Denial of Service (DDoS) attack against me. This incident sparked my curiosity to understand how it was accomplished, leading me to an online hacking forum—not out of malicious intent, but pure curiosity.

Delving into video game cheating sparked my interest in the workings of websites, prompting me to learn about hacking web applications. I began reporting vulnerabilities to various companies and ultimately gained a position as a security researcher with Microsoft.

What deterred me from pursuing that path was the sense of futility I felt. At that time, formal bug bounty programs—incentives for responsible hackers who discover vulnerabilities—were non-existent, and many companies failed to grasp the concept of responsible disclosure. Consequently, those who reported issues were often ignored or even threatened. For a teenager yearning for acceptance and community, this was transformative.

From 2012 to 2015, things intensified. I forged connections on hacking forums, and the discussions gradually shifted from curiosity to darker topics. I found myself leaning towards cybercrime without fully realizing how far from my initial intentions I had strayed.

Following my arrest, I faced endless legal battles and delays while on police bail for four years.

My first prison experience was at HMP Belmarsh, an environment that felt chaotic and unpredictable. For the initial weeks, I remained hyper-alert—not from fear, but due to the atmosphere. Eventually, you adapt to the prison’s daily rhythm, which also forces you to deeply reflect on your choices. It wasn’t entirely negative, but it was certainly isolating.

The sensation of being liberated can be most simply described as “weird.” You expect freedom to be an emotional high point, but it’s often disorienting. After months or years of being told what to do and when, emerging back into society comes with the expectation of returning to normalcy. Adjusting took time; I had to reacquaint myself with making small decisions and rebuild my confidence.

My sentence included a Serious Crime Prevention Order, which I still abide by more than a decade later. It impacts nearly every aspect of my life, imposing restrictions on my technology use and online activities. The awareness that one misstep could lead to loss of freedom creates a constant tension.

Since being released, I’ve found a way to merge two realms I know intimately: cybersecurity and cyber threat intelligence. Many cybersecurity marketing teams lack technical skills, while many tech experts struggle to communicate their work to the public effectively. I’ve built a bridge between these areas. The same knowledge that once led me astray now serves as the bedrock of my business—an odd yet positive twist.

If you have talents but feel isolated, it’s easy to gravitate toward communities that seemingly accept you but ultimately lead you astray. During my youth, I attempted to apply my skills positively. Had there been a more structured and constructive avenue for young individuals to showcase their abilities, my trajectory might have been different. I wasn’t predisposed to commit typical crimes; it was indeed a valid case where no one intervened to guide my potential for legal use. This lack of guidance combined with innate talent can be hazardous.

Fergus Hay, founder of The Hacking Games, aims to reshape the narrative surrounding hacking from one viewed solely as criminal to one seen as constructive when applied correctly. The partnership between Co-op and The Hacking Games offers young minds an outlet to hone their digital skills toward ethically sound careers—precisely the preventative approach we need. It provides young people with technical skills a positive direction. As a member of The Hacking Games Virtue Community, I strive to guide the next generation in avoiding my past mistakes and using their skills for societal protection.

I would advise anyone passionate about technology to not overlook the opportunities that come from being open about your learning journey. The Internet can connect you with individuals who recognize your potential and provide opportunities. The essential aspect is to focus your energy on mastery rather than mischief. Be mindful of the motives of those around you. If someone suggests that laws are irrelevant or that all laws are inconsequential, it’s a warning sign. The boundary between curiosity and crime can blur quickly without guidance.

My thoughts on what advice I would give my younger self continue to evolve. The obvious response would be, “Please don’t.” Yet, the reality is that everything I experienced has fundamentally shaped who I am and my current endeavors.

Still, I would advise my younger self, “Don’t cross that line.” Avoid threatening or extorting businesses—that remains my greatest regret. I’d also emphasize the importance of considering the outcomes and realizing how many lives are impacted by rash actions. While curiosity itself isn’t wrong, the way it was wielded was flawed.

learn more

Ensure young people are safe online with Barnardo’s guidance on safety.