🔑 Key Takeaways

  1. The internet may give an illusion of anonymity, but digital trails can be used to identify individuals. Technical skills can uncover user details to stop cyberbullying. Remember to treat others with respect and kindness online.
  2. With dedication, expertise, and social media presence, a career in cyber security can be achieved. VirusTotal is a vital resource for staying up-to-date on the latest malware threats.
  3. Using VirusTotal's premium membership, security researchers can detect and analyze unknown malware, providing better security and prevention against potential attacks.
  4. Maintaining transparency with employees and taking corrective measures can help organizations avoid cybersecurity incidents caused by internal notes in code, which lead to loss of trust and money.
  5. Exercising free speech comes with responsibility. In Kuwait, there are limitations to what can and cannot be said about public figures and minorities. It is crucial to be aware of the laws and consequences.
  6. The misuse of laws to suppress free speech is a prevalent issue in some countries. However, individuals can still defend their rights by providing solid evidence and standing their ground. Stay alert and cautious when facing suspicious phone calls or messages, especially when attending public events.
  7. Cybersecurity researchers should carefully consider the legal and financial implications of sharing their findings and take measures to avoid revealing sensitive information or causing harm.

📝 Podcast Summary

The Danger of Anonymity Online and the Power of Uncovering User Details

The internet provides an illusion of anonymity, but there is always a digital trail that can be used to identify individuals and their personal information. This can be particularly dangerous in online spaces with toxic behavior, where the anonymity emboldens people to make vile and hurtful statements. However, as the story shows, with technical skills and knowledge of network traffic, it's possible to uncover user details beyond what is available in-game. This can be a valuable tool for stopping cyberbullying or harassment. It's also a reminder to be careful online and to treat others with the same respect and kindness one would want for themselves.

Cyber security expert on building a career in the industry

Mohammed, a cyber security expert from Kuwait, entered the field around 2010 and gained immense knowledge. He raised awareness of cyber security through social media and built his Twitter following. He got a job in the Kuwaiti government securing systems and analyzing malware. After building his popularity and scaling up, he left his job in 2018 and gave his first official cyber security training in the Netherlands. He was accepted as a trainer at Black Hat, an annual security conference in Las Vegas, and planned to teach API endpoint security. He examined malware, mainly targeting the Gulf region, and used VirusTotal to stay up-to-date. VirusTotal was a fascinating new website to him.

Premium members of VirusTotal get alerts about unseen malware. Experts analyze the files to prevent potential attacks.

VirusTotal offers a free malware upload service to help security teams identify the type of malware present on their network. However, premium members get a bonus feature alerting them about newly uploaded, unseen malware files. Security researchers like Mohammed use this feature to discover and analyze unknown malware targeting their region, such as a suspicious banking malware uploaded from Kuwait. By analyzing the malware's strings or file hashes, they can determine whether it's infected their system and take necessary action. Posting file hashes is a safe way to share findings without revealing sensitive information. This malware discovery work leads to better security and prevention against potential attacks.

The Importance of Transparency in Cybersecurity Incidents

Mohammed's tweet about malware containing the word 'GBKADMIN' caught people's attention, and two days later, the Gulf Bank of Kuwait reported a loss of $9 million. While Mohammed didn't publicly announce his theories, he observed that there was a possible connection between the malware and the bank loss. Furthermore, the bank fired its general manager of IT without providing transparent information. The incident caught the attention not just of citizens but also of the cybercrime department. It's crucial to note that internal notes in code or other human-readable information can cause cybersecurity incidents. Therefore, organizations need to maintain transparency with their employees and take corrective measures to avoid such incidents.
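The two points above, that a file hash can be shared without exposing content while human-readable strings inside a binary can expose internal names, are shown in the following added example, which is not from the podcast or from VirusTotal. The sample bytes are constructed, the function names are hypothetical, and the watchlist term is the word quoted in this summary; the scan covers UTF-16LE text as well as ASCII, since an ASCII-only pass misses wide-character copies.

```python
import hashlib
import re

# Constructed bytes standing in for a sample; not real malware.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 16
    + b"connect to host\x00\x01\x02"
    + b"user=GBKADMIN\x00\xff\xfe"
    + "GBKADMIN".encode("utf-16-le") + b"\x00\x00"  # wide-char copy
    + b"\x10\x11tmp\x00"
)

ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")


def extract_strings(data):
    """Return printable ASCII runs, then UTF-16LE runs, of 4+ characters."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in WIDE_RUN.finditer(data)]
    return found


def review_before_sharing(data, watchlist):
    """Hash the sample and flag strings that contain watchlisted terms."""
    terms = [t.lower() for t in watchlist]
    flagged = [s for s in extract_strings(data)
               if any(t in s.lower() for t in terms)]
    return {"sha256": hashlib.sha256(data).hexdigest(), "flagged": flagged}


if __name__ == "__main__":
    report = review_before_sharing(SAMPLE, ["GBKADMIN"])
    print("safe to post :", report["sha256"])
    for s in report["flagged"]:
        print("review first :", s)
```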

Understanding the Limits of Free Speech in Kuwaiti Law.

Mohammed's tweets led to him being accused of abusing a mobile phone device and leaking trade secrets. He hired a lawyer to navigate the criminal charge properly and discovered the fine line between freedom of speech and the restrictions set by Kuwaiti law. Certain public figures and minorities in Kuwait can't be talked about in a bad manner, and hate speech is also prohibited. The case shows the importance of being mindful of the law while exercising freedom of speech, and the consequences of undermining a bank's security, even unintentionally, which led to Mohammed's legal trouble and the need for a solid defense.

The abuse of cyber crime law in Kuwait and an attempted entrapment of a man who spoke out.

The cyber crime law of 2014 in Kuwait was abused by people, such as government officials and social media figures, to sue anyone who spoke negatively about them. This often resulted in verdicts where people had to pay fines. Mohammed's trial was an example of this. However, he provided a solid defense that his tweets were protected speech, did not mention any specific bank or trademark, and came from public sources. The judge seemed convinced and on his side, allowing Mohammed to attend the Black Hat conference in the US. Before leaving, though, Mohammed received a suspicious phone call and telegram that tried to entrap him into revealing information about the Gulf Bank hack. He realized it was an entrapment attempt and played it cool, but still wonders who would benefit from targeting him.

The Consequences of Publicly Sharing Cybersecurity Findings

Mohammed's legal battle after finding malware on VirusTotal and tweeting about it highlights the potential consequences of sharing cybersecurity findings publicly. Even after being cleared of all wrongdoing, he still had to endure a year-long appeals court process due to the public prosecutors' formalities. The UN report also sheds light on a possible bank robbery in Kuwait, suggesting that cybersecurity threats can lead to real-world financial losses. As such, it is important for cybersecurity researchers to consider the potential legal and financial implications of sharing their findings before doing so, and to take steps to ensure that they do not inadvertently reveal sensitive information or cause harm.