By Sasha Ingber
July 8, 2021
They use false personas cultivated over the past five to 10 years. And some of them trace problems from the cyberworld to the physical.
Cybersecurity expert Tyler Robinson was in an online forum, watching, when a hacker bragged about selling the data of 700 million LinkedIn users, just days ago. This is the story of people who build false identities to hunt cybercriminals, screen to screen.
“Real trust within these groups can take a very long time, depending on the level of access and information provided to you, you’re probably not going to do that within a year or even two years,” says Tyler Robinson, CEO and founder of Dark Element. “Many of our personas have been cultivated and curated over the last five to 10 years.”
Even though the private sector owns and operates nearly 90% of critical U.S. infrastructure, things like pipelines and cell phone towers, American companies don’t rely on the government for protection — they go to people like Robinson, who maintains dozens of personas.
“It does take a lot of back story where we are providing dogs, pictures of food, different work-related topics, as well as the technical topics. You have credit cards, you’ve got cell phone numbers you have to maintain,” Robinson says.
The more detailed the persona, the better.
“When we have major efforts that we’re going at, we do use a screenwriting tool and the tool helps you build your characters. It helps you get into your motivation for each one. It builds a little dossier,” says Jeffrey Bardin, chief intelligence officer of Treadstone 71.
Bardin focuses on cybercriminals in the Middle East and Africa who may be tied to foreign intelligence services. Besides a screenwriting program, he uses translation software and personality tests. But first, Bardin builds detailed profiles of targets, like this one — blurred for security:
“We’re looking at everything from age and birth date and birth location and parents’ information and upbringing, schooling and education — we’ll look at their current locations, where they live, where they work. We’ll look at their activities outside of work,” Bardin says.
These experts have provided information on high-profile ransomware and supply chain attacks you’ve heard about in the headlines