As Attacks Rise, These Security Experts Are Hunting Cyber Criminals
They use false personas cultivated over the past five to 10 years. And some of them trace problems from the cyberworld to the physical.
Cybersecurity expert Tyler Robinson was in an online forum, watching, when a hacker bragged about selling the data of 700 million LinkedIn users, just days ago. This is the story of people who build false identities to hunt cybercriminals, screen to screen.
"Real trust within these groups can take a very long time, depending on the level of access and information provided to you, you're probably not going to do that within a year or even two years," says Tyler Robinson, CEO and founder of Dark Element. "Many of our personas have been cultivated and curated over the last five to 10 years."
Even though the private sector owns and operates nearly 90% of critical U.S. infrastructure, things like pipelines and cell phone towers, American companies don’t rely on the government for protection -- they go to people like Robinson, who maintains dozens of personas.
"It does take a lot of back story where we are providing dogs, pictures of food, different work-related topics, as well as the technical topics. You have credit cards, you've got cell phone numbers you have to maintain," Robinson says.
The more detailed the persona, the better.
"When we have major efforts that we're going at, we do use a screenwriting tool and the tool helps you build your characters. It helps you get into your motivation for each one. It builds a little dossier," says Jeffrey Bardin, chief intelligence officer of Treadstone 71.
Bardin focuses on cybercriminals in the Middle East and Africa who may be tied to foreign intelligence services. Besides a screenwriting program, he uses translation software and personality tests. But first, Bardin builds detailed profiles of targets, like this one -- blurred for security:
"We're looking at everything from age and birth date and birth location and parents' information and upbringing, schooling and education -- we'll look at their current locations, where they live, where they work. We'll look at their activities outside of work," Bardin says.
These experts have provided information on high-profile ransomware and supply chain attacks you’ve heard about in the headlines -- for both private companies and federal agencies. They’re bound by non-disclosure agreements, but share alarming trends:
Robinson found criminals targeting products that companies often turn to for security -- like threat emulation software Cobalt Strike.
Bardin traced a path from the cyberworld to the physical: former hackers in Iran shutting down their groups and traveling overseas under the guise of leisure. Instead, he says, they’re collecting information on dissidents for Iranian intelligence services. And the consequences for dissidents can be disturbing:
"Cyber disinformation, misinformation and character assassination, but eventually into physical termination. Killing somebody," he says.
Even sharing some tactics with Newsy means Bardin will consider modifying his methods so adversaries don’t catch on.
It’s a job that never ends.