Home page logo
/

isn logo Information Security News mailing list archives

Interview: Hacker OPSEC with The Grugq
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 12 Nov 2013 06:53:24 +0000 (UTC)

http://blogsofwar.com/2013/11/11/interview-hacker-opsec-with-the-grugq/

By John Little
Blogs of War
November 11, 2013

The Grugq is an world renowned information security researcher with 15 years of industry experience. Grugq started his career at a Fortune 100 company, before transitioning to @stake, where he was forced to resign for publishing a Phrack article on anti-forensics. Since then the Grugq has presented on anti-forensics at dozens of international security conferences, as well as talks on numerous other security topics. As an independent information security consultant the Grugq has performed engagements for a wide range of customers, from startups to enterprises and the public sector. He has worked as a professional penetration tester, a developer, and a full time security researcher. The Grugq's research has always been heavily biased towards counterintelligence aspects of information security. His research has been referenced in books, papers, magazines, and newspapers. Currently an independent researcher, the grugq is actively engaged in exploring the intersection of traditional tradecraft and the hacker skillset, learning the techniques that covert organisations use to operate clandestinely and applying them to the Internet. You can follow him on Twitter at @thegrugq.

John Little: You blog and have given conference presentations on Hacker OPSEC. You started doing this before the recent NSA revelations (and the general hysteria surrounding intelligence collection) but you were already warning hackers that states had superseded them as the internet's apex predator. In just a couple of years we’ve moved from the seeming invincibility of LulzSec, to high profile busts, and now onto serious concerns being raised about the every aspect of the internet's architecture, security models, and tools. Rock solid OPSEC is a refuge but maintaining it for long periods of time under significant pressure is very difficult. The deck is obviously stacked against anyone trying to evade state surveillance or prosecution so where do freedom fighters and those with less noble intentions go from here?

The Grugq: You raise a number of interesting points. I'll ramble on about them in a moment, but before that I’d like to clarify for your readers a bit about where I am coming from. Firstly, I am not a "privacy advocate", I am an information security researcher. My career in information security has been mostly focused around denial and deception at the technical level.

Recently, however, I became aware that this "fetishizing the technology" approach is simply not effective in the real world. So I turned to studying clandestine skills used in espionage and by illicit groups, such as narcotics cartels and terrorist groups. The tradecraft of these clandestine organizations is what I am trying to extract, inject with hacker growth hormone, and then teach to those who need real security: journalists; executives traveling to adversarial environments; silly kids making stupid life altering mistakes, etc.

The media has actually expressed a lot of interesting in improving their security posture, and I am engaged in helping some journalists develop good OPSEC habits. Or at least, learn what those habits would be, so they have some idea of what to aspire to. There is a strange intransigence with some who reject improved security with the line: "but we're not criminals! Why do we need this?" Well, the only answer I have is that OPSEC is prophylactic, you might not need it now, but when you do, you can’t activate it retroactively. As I phrased it in my "The Ten Hack Commandments" -- be proactively paranoid, it doesn't work retroactively.

So, that's how I've arrived at hacker tradecraft, and where I'm trying to take it. On to the issues you’ve raised about good OPSEC and living a clandestine life.

[...]

--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/

  By Date           By Thread  

Current thread:
  • Interview: Hacker OPSEC with The Grugq InfoSec News (Nov 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]