Techerati Live – Interview – Russ Handorf – WhiteOps
Techerati Live – Interview – Russ Handorf – WhiteOps
NICKY PENNYCOOK [00:00:02] Hello, everyone, and welcome back to the second part of our Techerati Live, Security Edition. And I’m now going to be joined by our next guest, who is Russ Handorf, hoping I can say hello to Russ now. Hi Russ, how you’re doing?
RUSS HANDORF [00:00:19] Good day and to everyone else out there in TV land.
NICKY PENNYCOOK [00:00:23] Okay, thank you so much for joining us today, Russ. And so just to begin with, could you explain a little bit about yourself and what you do?
RUSS HANDORF [00:00:30] Sure. So I work for a company called White Ops. And my role in White Ops is Principle Threat Intelligence Hacker, where I oversee a group of really clever folks who are very forward leaning in their security research and the investigations that we run for our customers and other organisations out there on the Internet. And this is all in support of the mission of White Ops, which is fundamentally to verify the humanity of every interaction that occurs online, as well as to disrupt the economics of cybercrime fundamentally, which is why you hit him in the purse. That changes the game. And that’s what we primarily focus on.
NICKY PENNYCOOK [00:01:21] So, obviously, technology is always changing and developing. How would you say that hackers have evolved and become more sophisticated over time?
RUSS HANDORF [00:01:33] The changes that we have seen is more in alignment to the scale in which the attacks are able to be perpetrated. And for a personal bit of background. Prior to joining White Ops, which I just said recently, I worked for the FBI for about 10 years and while there, I got to see a very small lens of what the broad scope of cybercrime actually looks like. I focused more on other types of more national security stuff, but the I always kind of felt like these huge infections were out there and I never saw a lot of reporting or research from industry about it. Since joining that gut check has been proven very true to where we find people talk about the Internet of Things being infected here and there and everywhere. It’s one thing to have an infection. It’s another thing to make like a lot of money off of having an infection. And I never really, truly realized the scale of the money-making and revenue streams of actual cybercrime. And I was far more organised than it was as a kid growing up and seeing this sort of grand stage play out. So, yeah, the big change right now is people growing and scaling and monetizing this resource to them. And that’s phenomenal. I had no idea there. I always felt like there were all these infected phones. I didn’t know there were millions of infected phones doing millions of dollars a day and fraud. Yeah, that’s that was the mind blowing part for me.
NICKY PENNYCOOK [00:03:16] I bet you’d have seen some things if you used to work in FBI. That I bet you’ve seen some incredible stuff.
RUSS HANDORF [00:03:24] All five senses have been stimulated there. Yes.
NICKY PENNYCOOK [00:03:26] Yes, I can imagine. And this kind of leads me nicely on to a nice question. And how well would you say that the Internet has changed the world for the better or the worst? I mean, I’m sure you’ve probably seen some of the cases for the worst but what’s your thoughts on that?
RUSS HANDORF [00:03:47] Well, so once upon a time, everyone thought and knew that the world was flat. And that changed. And now we think and we knew that the world was round. And now I argue that the world is flat again because the Internet has made everyone connected to everyone very rapidly and very quickly with very few barriers. So from the construct of criminal activity or desires or access. So, for instance, people used to always talk about a hacker could hack into your Wi-Fi and all that sort of stuff. Well, yeah, that sometimes happens. Not as much as it is thought to occur, primarily because that’s a meatspace crime. You physically have to be there. And I actually enjoyed those because that meant that the actor was somewhere like I could put hands on them. Now that we’re all interconnected, the saying of one man’s treasure sort of thing. There isn’t someone out there that doesn’t want something that you have something that you know or something that you are. And that could be the information on your computer, the access to your Internet connection, the pivoting off of your gigabits per second on anything along those lines. And the other types of crime that are growing astronomically, that even just surprises the hack out of me is B2C business email compromise sort of stuff, which is an entirely different lecture for or just very basic social engineering. No malware, no macro’s. Just talking to people and getting money out of them is another entirely different interesting venue. But, you know, and the last thing that I would add to it is short of how things have changed. Pente global events or sociological events are very interesting from the construct of identifying where actors can be. So what I have been paying attention to is, as does the pandemics have been playing out from country to country, is paying attention to the activities. The growth rate and the response rate of different botnets, because the actors of those botnets are people, too. And when you have a global crisis, as the wave of that crisis effect eventually affects that individual, that criminal. Then you will see a behaviour change in their resources and their reaction times and their infrastructure as well. A great example is the call centres for ransomware. They all now have to work remote too. They can’t all go into those giant call centres where they would take phone calls. So how does that business model from criminal enterprise react to things? Well, Internet connections are kind of flaky. So if anyone was paying close attention, there was at least a good one month window where ransomware activity dropped because the support for the back end of that criminal enterprise. That business function failed. And that was the call centre base. So it’s it’s because the world is now flat again, because the Internet, it’s given a really good focus for a social impact that the Internet has had. It’s about. Especially with the criminal aspect. Yes.
RUSS HANDORF [00:07:16] Absolutely, thank you Russ. So we have got a couple more minutes left and one more question for you. And you talking about about the different ways that people can be attacked and decapitations, how is it business? So individuals out there listening to this, how can they protect their applications from bot attacks and frauds now and moving forward?
RUSS HANDORF [00:07:37] Sure, thank you for asking that. That’s funny enough, we’ve done a lot of research and developed a capability recently that we call that’s for protecting applications. And it protects against credential stuffing attacks or automated input-based attacks. And I’ll give you an example. Let’s say we’ll actually pretty much anyone can download this right now like a list of email addresses and passwords and all that sort of stuff. You can test the validity of that in an automated way against a site and then use that to either attack the resources of that business or test the resources of the validity of that account, the credentials behind it. If you think about systems in the sense of like brute force attacks, one log in attempt is not going to ring any alarms and bells for a particular user because most systems protect like three strikes you’re out or a penalty box or things like that. But coming from the same IP address and crawling, you know, one credential, one credential, one credential, not a lot of systems really protect or defend or identify things along those lines. So if I can define that your credentials work on this site, then I can probably try other sites and put it from there. So our solution to this particular problem has been tested and validated to detect, alert and stop this new form of criminal enterprise by you leveraging people’s existing accounts against infrastructure that already exists. So, yeah, that’s that’s a new growing area of criminal enterprise that we’re seeing.
NICKY PENNYCOOK [00:09:13] Okay. Thank you, Russ. I’m afraid that’s all we’ve got time for. But you’ve been getting interesting. It’s been great talking to you and thank you for joining us today.
RUSS HANDORF [00:09:23] Absolutely. Take care and be safe.
NICKY PENNYCOOK [00:09:28] So that was Russ from White Ops. We’re just going to take another quick short break and we will be back shortly with our guests.