The Director Strikes Back

“HITB Florian Lukavsky hacks criminals profiting from out-of-control multi-billion dollar CEO wire transfer scams … and they hate him for it.

The director of SEC Consult’s Singapore office has made a name striking back at so-called “whaling” scammers by sending malicious Word documents that breach their Windows 10 boxes and pass on identity information to police.” – The Register

The Cyber Wild West known as the Internet is a dangerous place to be… Scammers, hackers and hijackers are watching our every move, and they will strike at any weakness they can spot. Showing no weakness is impossible and dodging every bullet is hard, so you have to be aware of what to look out for.

“Whaling” is not a new sport for cybercriminals, but it is rare for them to experience some payback. It is very admirable that a leader finally stood up for himself and his company, and fought back. Maybe if most leaders were as capable as Florian, the criminals would think twice about whom to target; nobody wants to walk through a cyber minefield of counter-hackers.

A Gartner report a few years ago suggested that if cybercriminals focus on targeting individuals by 2020 there is a good chance that victims will start taking matters into their own hands. It seems we are walking the path of the cyber “neighborhood watch” scenario.

Yet 50% of regular, innocent email and online communication is misunderstood, and cybercriminals are masters of social engineering. So I can’t emphasize enough the importance of identifying sources and using more than one of them. Calm decisions, checking more sources and using our own communication channels (not the ones scammers suggest) make sure that you are talking to the right people and that what you are asked to do is legitimate.