5 years of cyber security, threat intelligence and cyberwar

And it all happened so fast.

It has been 5 years since I started my journey as a cyber-security enthusiast and I felt like writing a “long” post about how the last 5 years developed me into a cyber-security geek. In the last 5 years I have seen and dealt with a lot of things, on a personal level but also on my work/business level. I can proudly say that I have worked at various companies which have taught me a lot. Each one of them.

How I started

It all started when I was at school. I was 19 years old and I had just finished my system/network administrator course. The Netherlands started with a new type of course, called “Private digital Investigator”. This course would allow me to learn the Dutch law on privacy and which actions forensic investigators are allowed to take.

I started studying the private digital investigator course and I created a LinkedIn account so I could start searching for a good company for my internship. In just a couple of days I got contacted by a threat intelligence specialist to join him at a conference in Brussels. The reason was pretty clear: the conference would allow me to get insight into the European “cyber” field and I would get to know the contact on our way there. I was aware that it could be dangerous, but hey – I can manage.

The cyber security conference was awesome and my contact introduced me to a lot of people who work and live in the cyber security world.

Forensic activities

In the 5 years of working as a security professional I had the privilege to do some forensic work. This included making copies of specific devices without changing any information which is stored on the hard disk, memory or BIOS.

I do not enjoy the forensic activities a lot because I mainly prefer to do intelligence activities. Do not get me wrong, it is very important to have a good understanding of how forensic methods are used and can be adapted to provide a more secure environment.

System maintenance activities

During my 5 years, I have done a lot of system maintenance. This included hardware and software, so I can say that I have a good understanding of how the computer works and how the Windows (Microsoft) operating systems work. I need to have a good understanding of the systems, how else can I protect them?!

Network maintenance activities

Firewalls, ugh – very important. They do not provide complete security but they are a very important layer which helps to defend specific environments from malicious users. Do note that it is important to have them configured well.

Cyber security activities

Cyber security, the internet of things and bring your own devices. Oh, I forgot to mention advanced persistent threats (“advanced” hack attempts). The time that I started was the perfect moment. Stuxnet had just arrived and it allowed me to take a deep dive into the cyber security world. Hundreds of reports were released and just a couple of companies knew the real truth about Stuxnet. The origin is as we speak still “unclear” for many, while there have been reports which clearly state the builders of Stuxnet. I will not go further on Stuxnet as it is a discussion on its own.

Threat intelligence activities

AWESOME, I love Threat Intelligence. Is there some information which can be useful in the future?! STORE it and analyze it for information. This can be anything, just take a look at the Cyberwarzone.com website. You can find threat intelligence on cyberwar, cybercrime, scams and malware.

Threat intelligence allows me to keep track of the latest news and trends while I do my job.

Malware activities

Cuckoo Sandbox. Go look it up and start creating your own malware analyzer. The Cuckoo Sandbox project allowed me to gain insight into the world of malware. Did you know that malware creates specific mutexes which can be traced and blocked?! The Cuckoo Sandbox allows you to take a look at the malware mutexes and much more. It is definitely something you should play and practice with.

Coding activities

If you want to take part in the cyber security world, you will need to have an understanding of some programming languages. The best way to get insight on that is by practicing programming languages. In other words – start creating your own applications. It can be anything!

Some basic programming languages which are useful to learn:

  • HTML/PHP – Create your own website
  • Java – Create your own website
  • Python – Create your own IP scanner
  • C# – Create your own Windows IP scanner

Hacking activities

Hacking is cool, but you will be slapped in the face if you only hack with tools. I sure did get “cyber-slapped” at least once in the last 5 years. It was then that I got introduced to the OWASP WebGoat project.

WebGoat is a hacking course/environment which you can run on your own computer. Once it has been set up, you will be able to hack the WebGoat environment while you practice important and basic hacking skills.

Conference activities

I like to talk, and I enjoy studying social engineering and cyberwarfare. The threat intelligence allows me to keep track of the latest news – so I simply analyze the information which has been published and I add my own opinion and alternative “POC” to my talk. Tadaaa. You got content for your first conference.

It is very important to attend conferences. This will allow you to meet people that are in the same field as you.

I like cyber-stuff, so I attend a lot of cyber conferences. I have been to the CCDCOE (Cooperative Cyber Defence Centre of Excellence) conference in Estonia and I can tell you that it is something you HAVE to attend. The same goes for the APWG (Anti-Phishing Working Group) conferences and the DCWC “Dutch Cyber warfare Community” conferences in The Netherlands.

What do I advise

Do not be afraid to make mistakes. Everyone makes mistakes, and if people punish you for making mistakes then you are not in the right environment. Make sure that you have people around you that are specialized in their own thing. This will allow you to discuss cyber security subjects and it will allow you to stay on track.

Do not be afraid to create projects. They do not have to be cool, they do not have to work. It is about you developing your own skill sets.

I had the honor to meet people that have been in the security field for over 20 years. The amount of knowledge they hold is awesome; go search for those types of people in your network. Most of the time they are honored to share their knowledge. Just make sure that you do not waste their time.

You only live once, and it is way more awesome to do something different each day. Go ahead and explore the world.