5 years of cyber security, threat intelligence and cyberwar

And it all happened so fast.

It has been 5 years since I started my journey as a cyber-security enthusiast, and I felt like writing a “long” post about how the last 5 years have developed me into a cyber-security geek. In the last 5 years I have seen and dealt with a lot of things, on a personal level but also on a work/business level. I can proudly say that I have worked at various companies which have taught me a lot. Each one of them.

How I started

It all started when I was at school. I was 19 years old and I had just finished my system/network administrator course. The Netherlands started with a new type of course, called “Private digital Investigator”. This course would allow me to learn the Dutch law on privacy and which actions forensic investigators are allowed to take.

I started studying the private digital investigator course and I created a LinkedIn account so I could start searching for a good company for my internship. In just a couple of days I got contacted by a threat intelligence specialist to join him at a conference in Brussels. The reason was pretty clear: the conference would allow me to get insight into the European “cyber” field and I would get to know the contact on our way there. I was aware that it could be dangerous, but hey – I can manage.

The cyber security conference was awesome and my contact introduced me to a lot of people who work and live in the cyber security world.

Forensic activities

In the 5 years of working as a security professional I had the privilege to do some forensic work. This included making copies of specific devices without changing any information which is stored on the hard disk, memory or BIOS.

I do not enjoy the forensic activities a lot because I mainly prefer to do intelligence activities. Do not get me wrong, it is very important to have a good understanding of how forensic methods are used and can be adapted to provide a more secure environment.

System maintenance activities

During my 5 years, I have done a lot of system maintenance. This included hardware and software, so I can say that I have a good understanding of how the computer works and how the Windows (Microsoft) operating systems work. I need to have a good understanding of the systems, how else can I protect them?!

Network maintenance activities

Firewalls, ugh – very important. They do not provide complete security but they are a very important layer which helps to defend specific environments from malicious users. Do note that it is important to have them configured well.

Cyber security activities

Cyber security, the internet of things and bring your own devices. Oh, I forgot to mention advanced persistent threats (“advanced” hack attempts). The time that I started was the perfect moment. Stuxnet had just arrived and it allowed me to take a deep dive into the cyber security world. Hundreds of reports were released and just a couple of companies knew the real truth about Stuxnet. The origin is as we speak still “unclear” for many, while there have been reports which clearly state the builders of Stuxnet. I will not go further on Stuxnet as it is a discussion on its own.

Threat intelligence activities

AWESOME, I love Threat Intelligence. Is there some information which can be useful in the future?! STORE it and analyze it for information. This can be anything, just take a look at the Cyberwarzone.com website. You can find threat intelligence on cyberwar, cybercrime, scams and malware.

Threat intelligence allows me to keep track of the latest news and trends while I do my job.

Malware activities

Cuckoo Sandbox. Go look it up and start creating your own malware analyzer. The Cuckoo Sandbox project allowed me to gain insight into the world of malware. Did you know that malware creates specific mutexes which can be traced and blocked?! The Cuckoo Sandbox allows you to take a look at the malware mutexes and much more. It is definitely something you should play and practice with.
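To make the mutex point concrete, here is an added example (not code from this post or from the Cuckoo project) that pulls mutex names out of a Cuckoo-style JSON report and checks them against a watch list. It assumes the names sit under `behavior.summary` as `mutex` (2.x reports) or `mutexes` (1.x reports); the report, the watch list and the function names are constructed for illustration.

```python
import fnmatch
import json

# Constructed sample shaped like a Cuckoo report.json (assumed layout, see above).
SAMPLE_REPORT = json.dumps({
    "target": {"file": {"name": "sample.exe"}},
    "behavior": {"summary": {"mutex": [
        "Global\\ExampleBot_7f3a",
        "\\BaseNamedObjects\\Local\\EXAMPLE-LOADER-LOCK",
        "Local\\ZonesCacheCounterMutex",   # common benign Windows mutex
    ]}},
})

# Constructed watch list: lower-case glob patterns kept from earlier analyses.
WATCHLIST = ["examplebot_*", "example-loader-lock"]

# Object-namespace prefixes that hide otherwise identical names.
PREFIXES = ("\\basenamedobjects\\", "global\\", "local\\")

def normalise(name):
    """Lower-case a mutex name and strip leading namespace prefixes."""
    name = name.strip().lower()
    stripped = True
    while stripped:
        stripped = False
        for prefix in PREFIXES:
            if name.startswith(prefix):
                name = name[len(prefix):]
                stripped = True
    return name

def extract_mutexes(report):
    """Return sorted, de-duplicated mutex names from either report layout."""
    summary = (report.get("behavior") or {}).get("summary") or {}
    names = []
    for key in ("mutex", "mutexes"):
        names.extend(summary.get(key) or [])
    return sorted({normalise(n) for n in names if isinstance(n, str) and n.strip()})

def match_watchlist(mutexes, patterns):
    """Map each mutex that hits the watch list to the patterns it matched."""
    hits = {m: [p for p in patterns if fnmatch.fnmatchcase(m, p)] for m in mutexes}
    return {m: matched for m, matched in hits.items() if matched}

def triage(report_json, patterns=WATCHLIST):
    return match_watchlist(extract_mutexes(json.loads(report_json)), patterns)

if __name__ == "__main__":
    for mutex, matched in triage(SAMPLE_REPORT).items():
        print(mutex, "->", matched)
```

Normalising before matching matters because the same mutex can be reported with or without a `Global\` or `Local\` prefix, which would otherwise defeat an exact-name watch list.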

Coding activities

If you want to take part in the cyber security world, you will need to have an understanding of some programming languages. The best way to get insight on that is by practicing programming languages. In other words – start creating your own applications. It can be anything!
