Pierluigi Paganini May 27, 2016

Today I propose you an interview with Sneaker, one of the members of the GhostSec crew.

The Sneaker is a very intriguing expert involved in counterterrorism operations against the ISIL members online.

Ghost Security (GhostSec) is an internationally-based counterterrorism group that specializes in intel collection, threat analysis and digital weapons. Its cyber operations consist of collecting actionable threat intelligence, advanced analytics, cyber warfare using offensive capabilities, surveillance and providing situational awareness.

Enjoy the interview and let me thank Sneaker for its support.

What are your motivations? Why do you hack?

I joined GhostSec because of all the horrors ISIS was causing all around the world. Considering the fact that most of ISIS’ recruiting is done online, it struck me as odd that little was being done to counter them online. Many Western governments have admitted that they are ill-equipped to fight ISIS online. They have not been proactive, for one thing. Terrorism online is not a new phenomenon and a plan to effectively address it should have been implemented shortly after 9/11.

Most governments also employ ineffective strategies such as hashtag campaigns, etc. You can’t defeat terrorism with a hashtag. They also use obsolete systems and have poorly trained employees who do not keep up with new and emerging trends in cybersecurity.

So, GhostSec, along with many others such as CtrlSec, stepped in to assist. It beats just sitting around waiting for the next terror attack.

What is your technical background and are you an IT professional?

I have a degree in a computer field and I’m currently working on a couple of certifications: GIAC Security Essentials (GSEC) and Certified Ethical Hacker (CEH).  I work in IT and part-time as a writer.

What would you change about the cybersecurity industry and why?

For one thing, it is startling that none of the top 10 US university computer science and engineering programs require students take a cybersecurity course. DarkReading recently reported on that. With the threat level being as high as it is, it just seems to defy reason and logic. Basic computer security is something that should be taught even in the most basic computer science courses.  Some people may avoid taking a cybersecurity course because it doesn’t sound like a lot of fun. But, trying to recover a computer from a malware attack is not a lot of fun either. So, it’s definitely worth at least learning the basics.

How many women do you know that are hackers or pen testers? What about as networking architects? Data mining experts?

At work I know three who are ethical hackers and have pentesting skills. There are female hackers in Anonymous, but I’m not sure who among them has pentesting skills, but there are definitely data miners. Data mining is an important aspect of OpISIS.  Helps to locate terror accounts in an efficient manner.

What was your greatest hacking challenge?

My biggest hacking challenge is actually currently underway – an operation involving ISIS, but I cannot go into any further details at this time. It’s a special op involving 3 GhostSec members.

What was your greatest challenge?

Undercover ops are the most challenging, in my opinion. Infiltration requires patience and a lot of time and effort. It is also dangerous. One wrong move and whoever is being infiltrated can become suspicious. And, ISIS has a seething hatred for spies. So, it is challenging, but in terms of the valuable intel acquired, it’s well worth it.

What scares you the most on the internet?

A fellow GhostSec member, VujaDeGhost voiced her main concern:

“What I do at the moment helps answer this question with absolutely no doubt in my mind. The most vile part of the Internet as it stands today, is the distribution of disturbing content. When I log into my accounts and start work there in no break in what happens.
I see innocent people being hurt and/or killed. Beaten, hung, drowned, burned, dragged and beheaded. I see children being abused in ways I could not even begin to explain in an interview. All via the internet.”

I agree that the horrific imagery we come across constantly is of the most disturbing aspects of the internet. While offensive content has always been part of the internet, there is a difference, from a legal standpoint, between hate speech and other unpopular speech and speech that is in support of terrorism. In the US, for instance, most hate speech is speech that is protected under the First Amendment. But, posting terrorist propaganda, making threats and terrorist recruiting is not protected speech. These activities provide aid and support to terrorism. So, there is no legal right to these activities.

[adrotate banner=”9″]

Edited by Pierluigi Paganini

(Security Affairs – hackers, hacktivism)