Darknet Diaries | How “dawgyg” Made Over $100,000 in a Single Day, From Hacking

This is a story about a hacker named “dawgyg(aka Tommy de Vos) and how he made over $100,000 in a single day: from hacking. Tommy also became one of the first six people on bug bounty platform HackerOne to make a million dollars. Listen to Tommy de Vos tell his story to Jack Reciter.

This episode is sponsored by SentinelOne. To learn more about our endpoint security solutions and get a 30-day free trial, visit sentinelone.com/darknetdiaries

Enjoy!

Darknet Diaries | 60: dawgyg | How “dawgyg” made over $100,000 in a single day, from hacking transcript powered by Sonix—easily convert your audio to text with Sonix.

Darknet Diaries | 60: dawgyg | How “dawgyg” made over $100,000 in a single day, from hacking was automatically transcribed by Sonix with the latest audio-to-text algorithms. This transcript may contain errors. Sonix is the best audio automated transcription service in 2020. Our automated transcription algorithms works with many of the popular audio file formats.

A quick warning right here at the beginning, this episode does contain some swear words and some bad language, if that’s an issue for you. Well, maybe skip this one.

Hey, it’s Jack. Host of the show. One of the reasons I like making this show is to smash the stereotype of what a hacker looks like. Today’s guest definitely does that.

I don’t know. I’m trying to see. Understand. Get a picture of your vibe here. You’re almost like you almost look like Eminem a little. Not quite. But, you know. Yeah. Yeah. What do you call what would you characterize yourself?

Well, I actually used to take a lot of pride in the fact that I don’t work like the average hacker. I guess what you what most people would say I was was. Do you remember the term wigger? W. H.I.G. are white guys that dressed like black guys. Listen to rap music and stuff like that. My first time in prison. And up until that point, I guess that’s technically what most people would seem. Yes, like I wear baggy clothes, sagging pants, backwards hat and everything like that. I got tattooed pain as well from a roll song on the back of my head. I got the laugh now cry later faces.

These are tattoos he got while in prison.

So my right bicep, I put a little tribal looking face that was smiling and it said, laugh now.

And then on my left side, I had a face that was crying. And it said, Cry later. Federal prison in federal prison. We all have prison numbers. And the last three digits of your numbers show where you were arrested. And my number was 3 8 1 4 1 dash 0 8 3 0 8 3 is the Eastern District of Virginia.

This is Doug.

And his story perplexes me because of stuff he says like October 18th, two thousand eighteen, I was paid a hundred and sixty thousand dollars in that one day.

So what did you do to make one hundred and sixty thousand dollars in one day? Well, he’s a hacker.

These are true stories from the dark side of the Internet.

I’m Jack Reciter. This is Darknet Diaries.

Support for this episode comes from SentinelOne. It’s all too common. A family member or colleague calls asking for help because some kind of ransomware has infected their computer. Bummer. Now imagine this on the scale of an entire organization. This is exactly what set in a one was built to prevent and solve. Besides the ability to prevent ransomware and even rollback ransomware if it is encrypted, Sentinel 1 also has a ransomware warrantee. Visibility in each of these endpoints is available from an easy to use console, allowing security teams to be more efficient without the need to hire more and more people on top of that. Certainly one offers threat hunting, visibility and remote administration tools to manage and protect any IAPT devices connected to your network with Sentinel One. You can replace many products with one if you’re a CSO, a security leader or I.T. manager in the enterprise. Don’t settle to live in the past. Get a personalized demo and a 30 day free trial that allows you to see the benefits up close and personal. Go to SentinelOne dot com slash darknet diaries for your free demo. Your Cyber Security Future starts today with SentinelOne.

So Duggie, his real name is Tommy de Vos. And like many hackers, his story starts out when he was a young boy in a chat room.

I actually joined the wrong chat room by mistake. It was just like somebody else’s private room, and it was run by a guy that used the alias Deez Nuts.

D.e. And UTC. But I just did this last joint pound Deasey by mistake and this brought him to a chat room full of hackers.

I kind of just hung out in there. I would just keep joining that same crew every day after school for a couple of weeks. So I started like asking him questions. They’re like, who the hell is this kid? Blah, blah, blah. And I got banned like several times.

There’s something magical about being in a chatroom as a teenager. They’re fun and addicting. And even though he was banned, he figured out ways to get back in.

Well, I would just disconnect, reconnect and then go back in again. And after going and spending. I don’t know. Several months of just keep going back in there repeatedly and asking just pretty much begging the guy to teach me stuff.

Because Tommy saw this chat room was full of hackers, people breaking into computers and networks that they weren’t supposed to. And Tommy thought this was cool. And he wanted to get in on the action, too. And he went to learn what these hackers were doing. And even though they kept banning him, he just kept finding a way back into the channel and was asking them to teach him how to hack. And eventually they gave in and threw him a bone.

And like the first thing that he told me was go to Yahoo! AltaVista. He was like, read everything that you can find about hacking.

I want to say this would have been happening in about 90 4ish. So actually, in 1994, Tommy would have only been 12 years old, a pre-teen still. Well, after bouncing in and out of all these chatrooms. He finally landed on a name. Duggie G is what he would be known as online, and that’s Doggy’s spelled DEA w.g. Y. And so he starts learning some basic hacking techniques by reading up on it. At that time, Frack was a free online hacking magazine, so he probably dove into that and started reading it from like the first issue and slowly going through it, reading every issue. And he learned a few things here and there, but he’s just twelve.

So he was just starting out and wasn’t very good. But he eventually joined an Irish Sea hacker crew called TDK.

Tdk was stood for those damn kids. The main focus of TDK was piracy EPP networks. We would build botnets to go and check every single out in our target room and find a server that didn’t have anybody from that server on it. That was an operator.

And then we would detox that server to split it off in the network and then date basically just take over the channel. Damn you. You’re the one. So there was so much back in the day. Yeah, I remember that.

I remember that because I was also hanging out in I.R.S. channels in nineteen ninety four. UNEF net the exact place where dog was trying to do server splits and take over the channels. I remember channels getting taken over by young kids, but at the time I thought it was kind of funny and didn’t really take these chat rooms too seriously. And when Tommy started calling himself Doug e.g. trying to take over these chat rooms, I think this is where he starts trying on his black hat. That is, he’s trying to conduct hacks that are causing destruction and grief. Maybe taking over a chat room isn’t illegal, but this would be the beginning of his lifelong hacking career. What led you up to getting suspended at high school?

So you used to get bored a lot. While I was taking a computer class or it was cute basic in school.

So a lot of times I’d get bored and it wouldn’t have anything to do because I would write my program for the class really fast and I would actually $d my school’s IP address to take our Internet down because then we couldn’t do class. So we get to go outside and play.

Yeah. He crashed the school’s internet because he would rather go outside and play.

Well, I actually got in trouble for doing that. They suspended me the first time. Three days for that.

That was his first suspension from high school, but it wasn’t his only one. Soon after that, he got suspended again.

I got expelled from school because I broke into a military base in Korea and use their computer systems. I hijacked the AOL account that the general of the base was using. And I sent an email from his email address, from his AOL account to the superintendent of Hanover County that one of the high schools in his county was going to blow up at 10:30 in the morning.

A convoluted scheme, but it was done for the same reasons as the first one. He just didn’t want to be in school.

He wanted to be able to skip school, go to the river, smoke weed and just have one for the day.

It worked. Sort of. School was canceled, but he didn’t get away with it.

I went to school the next day. There was a guy in a suit on each side of the door and they were like, you need to come with us.

I got expelled. So how did he get cut? Did that military base in Korea do some forensic investigation and traces back to a teenager in West Virginia? No.

Did the police track his online connections? No. Again. What happened is that he told someone that he’s the one who got school canceled that day and that person went and told someone at the school that Tommy is who sent in this bomb threat.

And because I had used the Internet to do it, the FBI ended up raiding my house about two weeks after it happened to take my computers. And that was the first time that I was charged with computer crimes. I was actually charged with violating the Computer Fraud and Abuse Act, being a minor, a sophomore, one of those damn kids in the eyes of the law.

This could get bad pretty quick. The feds took his computers, but let him go free. As they investigated the case, well, this gave him more time, more time to hack more stuff. He got a new computer and slipped on his blackhat again. But forget about TDK at this point. He was onto more ambitious adventures.

So I started talking to a bunch of other hacking groups and I came. I got in contact with a guy named Rotha who was a member of Rodolfo, and he was telling me about. They had rules for the group where you were only allowed to hack Unix systems.

You are allowed to target windows because windows was too easy and they like to only attack government, military and Fortune 500 companies.

This was great. Doug Gidgee liked everything about this. The rules, the people, the stuff he was learning.

So he started hacking with world of how so? Then in June of 2001, I defaced my first Web site as part of World. And it was actually the Virginia. I broke into the Virginia Department of Information Technology and defaced w w w dot state, dot V.A. dot us, which was our main state Web site. Just from that point on, I just was defacing stuff with Warnaco or nonstop for about six to nine months.

Oh, here’s your wondering defaces. Just a term used to change what’s written on a Web site so you can like swap the photo that’s on the front page as some mouse or just change what’s said there to whatever you want. In this case, he probably had to prove himself that he was the guy who hack this site. So he probably wrote something on there like Hacked by Duggie G or hacked by World of Hell or something like that. What were some of the sites that you knew that you were hitting or world of hell was hitting?

Yahoo! Dot com dot P.H., Nokia, dot com Sony.

Dot com Dotson’s Dunhill Epson Fujifilm it hacking is a drug. Mercedes Benz Duggie G was getting addicted world online. The car company AOL was loving.

This hacking in the world of hell hacker group HP.

But the problem with addiction’s is that you can overdose.

United Airlines, Casio, Motorola.

And you can fall into a world of pain.

One day, Sony Music, Toshiba, Opel, Volvo, E.A. Sports.

After the break, the party ends for doggie Rolex.

Pfizer oblige a Chinese government systems. The US Department of Energy. U.S. Court Systems.

Venezuelan military.

Working remotely can be a challenge, especially for teams that are new to it. How do you deal with your work environment being the same as home while staying connected and productive? And then there’s your newest co-worker, the cat. Well, your friends at Trello have been powering remote teams globally for almost a decade, at a time when teams must come together more than ever to solve big challenges. Trello is here to help Trello, part of that Larsons collaborative suite as an app with an easy to understand visual format, plus tons of features that make working with your team functional and just plain fun. Chelo keeps everyone organized and on the same page, helping teams communicate, focus and connect teams of all shapes and sizes at companies like Google, Fender, Costco and likely your favorite neighborhood coffee shop. All use Trello to collaborate and get work done. Try Trello for free and learn more at Trello dot com. That’s tr e l dot com. Trello dot com.

Creative Dot, Audi, Kenwood, Acer, Highschooler Doug e.g. was still hunched over his monitor, wearing a black hat and defacing Web site after Web site, Xerox, Packard Bell Compact, 3Com doing all he could before he turned 18, which was an adult in the eyes of the law.

So I turned 18 in November of 2001. I actually stopped hacking for a few weeks, but then I got bored again. So I started doing it again. I hacked consistently until June 12th of 2002.

In the year 2002, on June 11th that night, Milin Black 2 had just come out in theaters.

So that night before I went to bed, I downloaded Men in Black to plan was I was gonna go to work the next day and then I was gonna come home from work early, smoke weed with my sister.

Don’t bother calling the CIA.

Forget the FBI and we were gonna watch that movie.

He got out of work for the same reasons he wanted to get out of school so he could go play. In this case, to play an illegally downloaded movie. So he goes home to his apartment with his sister and they watch Men in Black 2.

But the real men in black were knocking on his door.

And I went to push the door open, but it was yanked open in front of me and an M-16 was in my face. So there is somewhere between 20 and 30 agents inside of my apartment. My sister was sitting on my couch crying. My dad was standing in the living room next to her. And just like when he saw me walk through the door, he just looked at me and shook his head. They took everything in the house that was related to computers are all floppy disk. Any C.D. that was in there, every computer, every computer component, every piece of paper that had notes handwritten on them.

And what was going on? I mean, what was your emotional level at that point where you like freaking out about this? So how how are you feeling?

I was I was scared shitless at the time because I was an adult at that point and I was on probation still for the hacking and voluntary two years before.

Once again, they took all his electronics and computers and he had two weeks before his court date.

This is it. I’m sorry. I’ve got two weeks of freedom. They’re going to lock me up in two weeks. So I was like, screw it. I’m just gonna have fun and do whatever.

So I spent two weeks racing, I used to street race a lot, so I spent two weeks street racing going to the beach about hanging out with as many of my friends as I could, trying to sleep with as many different girls as I could.

Now, 19 years old, black hat hacker Tommy Device Doggy stands in front of a judge two weeks later. Hats were not allowed in court.

I ended up pleading guilty in October of 2003 to one count of violating the CFA for breaking into a computer system that controls interstate commerce. I had broken into a Web site called Bank Coehlo B A in K C O L o dot com and deface the Web site. And turns out it was for the Colorado Bank and Trust Company.

Yeah, messing with a banking website was probably a bad move. I mean, they’re federally regulated and insured, which means that crimes involving a bank are probably going to be investigated by federal law enforcement.

The judge asked me to stand up and he looked at me and he said, Mr. Wells, I do not believe that you’re sorry for anything that you’ve done. I think the only reason that you are showing any remorse whatsoever is because of the fact that you got caught.

He ended up sentencing me to 27 months in federal prison.

Banning me from computers for 10 years.

And giving me five years of probation. And I want to say it was one hundred thousand dollars of restitution. So then after he pronounced my Senate, he said, I now place you in the custody of the U.S. Marshals to serve your sentence. A My knees pretty much gave out on me. I was just I walked in there expecting to walk back out that day for at least 30 days. And now all of a sudden, I’m.

Getting locked up for almost two and a half years.

The fun was over, Doggy’s hacking spree was done back to being Tommy with no had to wear in prison. What were some of the tattoos you got?

My first tattoos in prison. I got a tribal on each one of my biceps. One on each side. I was just small or tribal and one had a T for my initial and the other one had a C for the girl I was dating at the time. I got three dots on my right wrist, which is a Hispanic gang tattoo for Punto SOCOs crazy life. I had the words crazy life put on. I don’t know what it’s called. It’s not my forearms, but it’s like the back of my arms between my elbow and my risk.

Crazy was put on one side. Life was put on the other side. I went in with like five or six tattoo’s and came out with like twenty five or thirty total.

Tommy served his two years in prison and got out. And at this point is 2006. He’s 22, but still has to serve probation. So you your real probation had 10 years.

No computers, no computers, cell phones, game systems, fax machines, anything that could communicate with other people. Aside from an actual phone, I could make phone calls.

I wasn’t allowed to touch a cell phone or anything like that, even when I would go and get a job. A lot of jobs would have you clock in on a computer. I wasn’t allowed to do that. I had to have another co-worker call me in and out for the first 30 days or so. When I got out of prison the first time, I didn’t do any drugs and I didn’t get on a computer or anything for the first 30 days.

This doesn’t sound good, but let’s not forget Tommy was once addicted to hacking. It was all he could think about. Not to mention being high. So even though he went two years without doing any of this, how long could he hold out? Now that he’s sort of free again?

It turns out 30 days I actually started defacing websites again because of how my bedroom was set up in the house.

I used to sit at my computer and I was sitting next to a window that I could see out, but you couldn’t see into it. So I just would always sit there. And if I saw Coracle in my driveway that I didn’t recognize, I would jump up and take my desktop computer completely apart by different parts of it in various places of the house. So it couldn’t be found. And then go and answer the door.

His probation officer would visit sometimes, come by and check on Tommy, talk to him, look around his room and make sure he wasn’t using a computer because that wasn’t allowed on his probation. And one day when his probation officer did come by, Tommy quickly shut down the machine, took it all apart and hid it all over his room. But he forgot to hide one thing. And when the P.O. came into his room, he saw a keyboard on Tommy’s bed, busted. This was a violation of his probation.

He had to go back to prison to do more time. Eventually, he came back home again. Again, his probation was that he could not use computers. Tommy just couldn’t keep his fingers off them. He didn’t want to hack anymore, but he was just addicted to computers and would use it for other things. But the FBI was interested to see if he was going to go back to being a hacker.

The FBI actually watched me for six months. They rented the house across the street from mine, took pictures of every person that came to my house. The FBI actually collected our choice to go through it, looking for evidence that I was on a computer hacking again.

As Tommy tells the story, his parents wanted to sell the house and a couple of FBI agents came over posing as potential buyers of the house. And that’s when they saw Tommy on his computer, in his room. And this was a direct violation of his probation, again, which was all the evidence they needed. The FBI went and got their arrest warrant and came back and knocked on the door.

And when I opened it, they bust through the door. And it was the FBI, I guess, which is the defense criminal investigative service. It’s kind of like the Department of Defense Defense’s version of the FBI, the Secret Service and state police for Virginia.

And they locked me up for violating probation and failing drug test. They gave me 14 months in prison that time, which was the maximum they were allowed to give me. They gave me what they called diesel therapy. They put me in solitary confinement for three weeks in Petersburg. Then they shipped me from there to USP Atlanta, which is a maximum security prison in Atlanta, Georgia. They put me in solitary confinement.

Therefore, I want to say it was another three weeks. And then they sent me from there to a medium high prison in Williamsburg, South Carolina, where they put me in solitary one for a couple of weeks before putting me on the actual compound.

I think going back to prison again really did change, Tommy. He didn’t like it there. He didn’t want to ever come back. So I spent a long time waiting, which was worth more to him. The high you get from hacking or his freedom. Now, each time he went to court, he ended up in front of the same judge every time. And that judge’s name was Judge Payne.

And Judge Payne said something to him which had a lasting impact.

So the last time I was in court on October twenty eight of 2009, I had Judge Payne for every time I went to federal court, I had the same judge. And he told me that if he ever sees me in his courtroom again for a computer crime. He was gonna give me life in prison. Yeah, he made it. So I don’t know. I don’t want to hack it legally anymore. I got a daughter that would be really mad at me if I went to prison for the rest of my life.

So Tommy gets out of prison and does good on probation. No violations. In fact, he does all the time he’s supposed to do. And on November 3rd, 2010, his probation is done and he’s a free man once again.

It was really nice to know that I could on computers again and not like have to worry that I was gonna go to prison or get caught ornament or anything. I didn’t have to hide them anymore. I was allowed to get cell phones. And the biggest thing to me was the fact that I was allowed to go to school now while I was on probation. I wasn’t allowed to go to college because you can’t go through college without having to use a computer for something. Especially when I wanted to go through computer stuff and I was allowed to try to find a computer job at that point. So that was like the biggest difference for me.

He could go to college, use computers, but of course, he was not allowed to do any illegal hacking.

No matter how tempting it might be, finding a legit job in the tech industry is really hard when you have a federal conviction on your record, especially for fraud.

I spent three years from 2010 to 2013 trying to find a computer job period. I kept working as a cook and doing construction, but I couldn’t find any company that would hire me doing computers because of my background and everything. They automatically think you were stealing money or identities.

Tommy would sometimes get that itch to beat dog e.g. the black hat hack into something again, but he controlled his temptation’s no matter how strong they were. The truth was he was really good at hacking. When you’re really good at something, you like doing it. But then he heard about something new, something that would change his life and start a new chapter for him. Bug bounties.

There are two main Web sites that do this. Hacker 1 and bug crowd companies will go to these Web sites and say something like, hey, if anyone can find a security issue on our Web site, we’ll give them a reward. Tommy came across Hacker 1 and decided to check it out. He saw the Web site Yahoo! Had a bug bounty program and he was already really familiar with the way Yahoo! Work. He’d been poking at it and hacking on it throughout his whole teenage life. So he was kind of flabbergasted. Now that Yahoo! Was willing to pay anyone who could find a security problem in their Web site. So you start hacking around on their site and found something.

I reported my first bug on hacker one to Yahoo! In March of 2016. And I found that a lot of Yahoo! System admins and developers were using just to share information and they were forgetting to make them private or delete them after the fact. So I found a bunch of them that were leaking like internal passwords, database credentials on network maps and stuff like that.

So that was my first blog. Yahoo! Reported it to them and they gave me like three hundred bucks for as in Yahoo!

Was thinking, Tommy, for hacking their site and telling them about a security problem they had. And we’re so happy they gave him three hundred dollars for this.

So I was like, oh, shit. So maybe this is real. I made very little money in the first couple of months because it was all like really low level things that I was finding. And then in May of 2016, image, tragic image, magic, remote code, execution, vulnerability was published at that time.

The image magic bug was a vulnerability where Web sites let you upload an image, but you could send a malicious image to it and then you can get access to the Web site just by uploading a malicious image.

And I actually got remote code execution on two of Yahoo! Servers using that and got the first one was a thousand dollar bounty. And then the following week I found the same RC on a different server, reported that they gave me the full four thousand dollars.

And with that, Duggie was back, this time completely legal, this time waving a white hat because all this was legit and paid up by Yahoo! The company he hacked. But because they have a bug bunny program, it explicitly allows this kind of hack if you’re participating in the program and they’ll pay you for it. So he was basically given the green light to hack once again. Doggie G was in somewhat disbelief. Is this even real? But it was. So he sat up straight, cracked his knuckles, and began going to town looking for more bugs that would pay out.

So in my first year, doing bug bounties in 2016, I think I only made him say somewhere between like thirty and fifty thousand dollars somewhere. Almost all of it was on hacker one. And then in 2017, I had me. I ended up making like I set the goal to make a hundred thousand dollars in 2017 from bugs bounties and made somewhere between one hundred and fifteen two hundred thousand dollars for 2017.

The white hat hacker move was working for him, but what looked even better? What he really wanted was a green hat. Green as in money.

Two thousand eighteen. I think I made combined across all three platforms somewhere between six and seven hundred thousand dollars for Duggie G.

Money looked best when it was turned into cars. Men in Black 2 got him in real trouble, but Fast and Furious truly inspired him.

So the Fast and Furious movies started coming out. What was it like? Ninety nine or so and fell in love with the skyline?

Rs So tell me about what happened to you in January 2018 and January 2018.

I got one hundred and seventy five dollar bounty on a Friday afternoon on a hacker one program and I was kind of mad about the bounty because it should have been quite a bit more. But the program paid really bad and I put one hundred and seventy five dollars on a bet on basketball, international basketball a lot. But that seventy five dollars on there at about seven o’clock on that Friday night. And by Monday afternoon, 4:00 or 5:00 in the afternoon, I turned one hundred and seventy five dollars into one hundred and thirty three thousand dollars.

So I went through like fifty thousand of it and I went and bought my first skyline.

It was a nineteen ninety two or thirty to PTSD.

Right. That was technically my dream car. It was at the GCR model, but it was still at Skylight. So I was like extremely happy.

In 2018, Dog kept finding and submitting bugs on hacker one two hundred dollars here, one thousand dollars, they’re five thousand dollars there. He was racking up one bounty after another. Slowly but surely fattening his stack, earning his green hat. And then he scored the biggest bounty yet again.

So October 2018, I set the record for the most the highest amount of bounties paid in a single day to a single researcher. I was playing with the Sara and I found a bypass for their blacklist that they had used. And I ended up being able to bypass the blacklist in a total of fifteen or sixteen different endpoints. caressa. Sara.

I know some of you don’t understand what he’s saying. That’s OK. All you need to know is that he found a vulnerability 16 times on a single company’s Web site and ended up getting new bugs for all 16 of them.

And each one of them was ten thousand dollars.

So it was like October 18th or something like that. Two thousand eighteen. I was paid one hundred and sixty thousand dollars worth of bounties in that one day.

What is that feeling like to get one hundred and sixty thousand in a day’s work?

Unreal. It was just like it still seems too good to be true. That’s my sealed day. Highest payout, but I’ve had at least five or six single days where I’ve made six figures in one day. Ask any race in any real race.

It don’t matter. You win by an entire on my winnings winning.

It’s unreal to know that 10 years ago. Right now I was sitting in federal prison. Now I am one of six people on hacker one that have made a million dollars just on the hacker one platform.

I’m pretty sure I’ve made over eight hundred thousand dollars in 2019 just from Hacker.

I’ve confirmed all this, by the way. I’ve read through his court cases. I’ve listened to his mother talk and Hacker One themselves has announced that Tommy was the sixth hacker on their site to make one million dollars. And in 2019, he made nine hundred and ten thousand dollars total just missing his goal of 1 million dollars in bug bounties in one year. What did your parents think when you started using Hacker One to hack again?

At first they were super leery of it.

After, like, my mom finally accepted it. Actor Like the first year or so when she saw it, I was able to make money and I was making decent money and not get in trouble. My dad still doesn’t accept it. He actually won’t talk to me because he thinks that I’m wasting my life and wants me to get a normal 9 to 5 job and everything.

And last time I actually spoke to him was in February of this year and he was disowning me and telling me that I needed to stop wasting my life and get a real job before I lose my life or something along those lines.

And that’s because he thinks this isn’t legit work.

Yeah.

I’m hoping that he’s seeing it now. In the last in 2018, I’ve bought cars for my two nieces that are 17 years old, about both of them, their first car. I bought my baby sister, who is about to turn 18. I bought her her first car.

I bought my one. But I’ve got a set of twin sisters a year younger than me. One of them lives in port. I bought her a truck earlier this year. I bought her twin sister a car and a truck a few months ago. I bought my mom a Mustang back in October of this year, and I bought myself this year. I bought my cell phone, Infiniti, g37. I’m planning to buy my dad a brand new truck. I’m planning on buying him a truck within the next month or two and then just buying it, taken it to his house, put it in his driveway with the keys and the title and just leave it there and let them come home from work to find a brand new truck in his driveway for.

There’s an update here. I recorded this interview like months ago, but I check with Tommy just before airing this and he’s slowly getting on talking terms with his dad again. And when he pitched this idea to him, his dad had another plan. Remember the car Tommy bought his 18 year old little sister? Well, she didn’t drive it right. And she blew the engine. So Dad said, instead of buying me in your truck, why don’t you buy another new car for your little sister? So that’s what Tommy’s planning on doing. And also, at this point, Doug has earned so much money that he’s been able to buy two of his dream cars. And both of them are the classic Nissan Skylines from 2 Fast 2 Furious. What did the license plates on your cars?

On my home r32 GST.

I’ve got an antique tag on it that says Hacker H4 S.K. 3 are on my 92 r32 GCR. It says Baladi, please. And then I have on my Infiniti g37. I have the license plate. Thank you. Hacker 1. Earlier this year, I actually a couple of months ago, I actually was sent to D.C. by hacker one and I spoke at a little cyber security leaders meet up between the government and government military agencies. So going from a black hat, being sent to prison for hacking the government to actually being invited to speak to government leaders about my experience hacking them.

This is the weird new future we’re living in. Ten years ago, when Duggie G was hacking, bug bounties didn’t exist and the government was chasing him. Now Douggie is doing the same kind of hacking, but now companies are paying him to do it and the government is asking him to come teach them. Sort of like if he can’t beat them, join them.

Yeah, exactly. And the good thing, one of the things that I love about the D.O.D program so much is that it’s their scope. Tons of companies start up a bug bounty program and they have an extremely limited, limited scope.

And it’s like we only want information about these and everything. And as a former blackhat, I know that I don’t give two shits about a scope if I’m a black cat.

So yeah, Tom is now helping the feds secure their networks. It’s weird how it all turned out, isn’t it? And even though the bug bounties are bringing him a great income, he’s actually been looking for a day job lately.

I don’t have anybody to talk to that when I make a really cool hack or anything like that.

Aside from the people online, I see hacking as kind of an addiction. I’m just as much addicted to hacking as I ever was addicted to any drug or anything like that. I’ll never stop hacking. They’re actually the only reason I’m looking for a full time job is because I miss working with the team.

I just want to have a little bit of structure to my day so that I’m not just like I sit around bored out of my mind a lot and there’s only so much X-Box you can play and all online games and stuff you can play before even they get boring.

Tommy did in fact recently get a job with one of the biggest banks in the US doing research on the threats they see there. He applied, interviewed, they liked him, he passed, got the job and he had a start date in January. But when they ran a background check on him, they got worried and so they decided not to bring him on board. And this was a bummer, since another reason he wants a day job is to prove to his dad that he’s doing good work.

I think you’ll be happier then. I’ll still be doing my book, bounties and stuff, but I’ll have what he sees in his eye as a real job.

Ok. So if Tommy’s story is inspiring to you, you can get started earning money, finding bugs, too.

And this is what Tommy suggests you do to get started just doing hacker one to one dot com, which is kind of like Hacker University where it’s capture the flags and stuff to show you some real world examples of things that bug hunters are bound to give you a hands on experience doing pen tester labs. I always suggest when somebody ask me where to start is reading every blog post you can find from all corners about what they found and everything. So it gives you an idea.

Last thing I asked Tommy, former criminal, is if he has any advice for the next generation who might be thinking of trying on that black hat?

A It’s not worth doing the stuff illegally. Thanks to Edward Snowden’s leaks back in 2013, we know that everything we do online is monitored by the US government and anybody that thinks that they can do things illegally and get away with it is mistaken. Anybody that has been doing things illegally and has gotten away with it, it’s it’s only because they haven’t wanted to look at you yet, but they can. You’re not gonna hide yourself completely. Everybody makes mistakes. And the amount of money that you can make doing this legally far outweighs the money you’re gonna make illegally. Because, I mean, if you’re good enough to do this as a black cat, you’re good enough to do this as a white and you can make Life-Changing money doing it.

Just before airing this episode, Tommy attended the H 1 4 1 5 hacking event. This is a nine hour hackathon put on by Hacker 1 in San Francisco. And the goal is to see how many bug bounties can be claimed within nine hours. A bunch of people showed up. Tommy went and he was finding bug after bug and reporting them. And within the nine hours given for the event, he earned one hundred and one thousand dollars, which gave him the coveted M V H most valuable hacker.

I get a little jealous listening to this story because I was one of those people who did everything right. I have never been arrested for hacking. I never went to prison. I went to university and got a computer science degree. And then I spent 10 years working as a security engineer. I mean, nothing close to a million dollars. Yet here is Tommy breaking all the rules and getting scarred again and again, failing repeatedly and still coming out, not just okay, but with all the toys. But I guess it just reminds me of that. Fast and Furious quote. You know, no.

One of the things everyone knows is not I stand by your side, your race.

A very big thank you to Tommy de Vos, a.k.a. Doggie G. Great story, but stay out of trouble. OK. Oh. Have you listened to the five bonus episodes of Ducted Diaries yet? They’re out there, but they’re only four pages on supporters. If this show brings you value, please consider giving to The Dark Knight Diaries Patriarch. You can also get an ad free version of the show there, too. The show is made by me, the Tokyo drifter Jack Reciter. This episode was produced by the turbo charged Jake Warga editing help. This episode by the windblown Damian and our theme music is by the electric powered brake master cylinder. And even though a Marai botnet is launched somewhere in the world, every time I see it, this is Darknet Diaries.

(function(s,o,n,i,x) {
if(s[n])return;s[n]=true;
var j=o.createElement(‘script’);j.type=’text/javascript’,j.async=true,j.src=i,o.head.appendChild(j);
var css=o.createElement(“link”);css.type=”text/css”,css.rel=”stylesheet”,css.href=x,o.head.appendChild(css)
})(window,document, “__sonix”,”//sonix.ai/widget.js”,”//sonix.ai/widget.css”);


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

How Adobe shifted a Las Vegas conference to executives’ living rooms in less than 30 days

Adobe was scheduled to hold its annual conference in Las Vegas two weeks ago, but the coronavirus pandemic forced the company to make alternate plans. In less than a month, its events team shifted venues for the massive conference, not once, but twice as the severity of the situation became clear.

This year didn’t just involve Adobe Summit itself. To make things more interesting, it was also hosting Magento Imagine as a separate conference within a conference at the same time. (Adobe bought Magento in 2018 for $1.6 billion.)

Originally, Adobe had more than 500 sessions planned across four venues on the Las Vegas Strip, with more than 23,000 attendees expected. Combining all of the sponsors, partners and Adobe personnel, it involved more than 40,000 hotel rooms.

Once it became clear that such a large event couldn’t happen, the company reimagined the conference as a fully digital experience.

Plan A

VP of Experience Marketing Alex Amado is in charge of planning Adobe Summit, a tall task under normal circumstances.

“Planning Summit is a year-round endeavor,” he said. “Literally within weeks of finishing one of those Las Vegas events we are starting on the next one, and some of the work actually is on an 18 or 24-month cycle because we have those long-term hotel contracts and all of that stuff.

“For the last 12 months, basically, we had people who were working on what we now call Plan A — and we didn’t know that we needed a Plan B and Plan C — and the original event was going to be our biggest yet.”

2019 Adobe Summit stage in Las Vegas. Photo: Ron Miller/TechCrunch

After the team began to wonder in January if the virus would force them to change how they deliver the conference, they started building contingency plans in earnest, Amado said. “As we got into February, things started looking a little scarier, and it very quickly escalated to the point where we were talking really seriously about Plan B.”

The Good, the Bad and the Ugly in Cybersecurity – Week 15

The Good

As organizations around the world continue the rapid transition to remote work, one educational institution in the UK managed to deliver a 5-year digital transformation plan in a single week. Going from a mere 100 remote users pre-Covid-19 lockdown to 22,000 in the space of a week may seem like an impossible task, but that didn’t phase the University of Sussex’s IT team. The feat was helped along by the fact that they had already begun work on the plan due to physical constraints at the university’s single-site campus long before anyone had ever heard of the coronavirus. However, what really made the difference was executive buy-in once the impact of the virus became apparent. With senior leadership on board, turning the long-term plan into a short-term business deliverable started to look genuinely achievable, and achieve it they did.

For other businesses still working through the details of how to move a large workforce to fully remote, the story of how SentinelOne successfully managed such a rapid transition should also prove insightful. As with University of Sussex, the keys to success lie within your organization rather than without.

The Bad

Researchers this week revealed details of a new botnet they have dubbed ‘dark_nexus’ that, while currently small, is under rapid and active development and has some interesting tricks up its sleeve.

Along with standard DDoS attacks, the botnet has the ability to disguise an attack as normal browser traffic in the hope of evading detection. The code also contains a ‘killer module’ which attempts to identify processes that may be a potential threat to itself, such as rival botnets. Among a number of persistence techniques, dark_nexus attempts to prevent device reboot by stopping the cron service and disabling other executables that could reboot the device. In common with Mirai and other botnets that specifically target IoT devices, dark_nexus uses a list of hardcoded credentials to attempt to brute force other machines on the network with such timeless classics as “admin:admin” and “user:user” as well as known defaults for Zhone and Dlink routers, among others. Fortunately for enterprise, Security 101 will keep organizations safe from this and other IoT botnets: ensure your IoT fleet is managed properly and that default credentials are changed.

The Ugly

There’s no shortage of stories on the shortage of cybersecurity professionals, and there’s greater focus on this now more than ever after CISA declared that those in cybersecurity are essential workers. But as ever, there are those that will look to exploit any situation to their own advantage in order to make a quick buck. This week’s Ugly starts with a complaint from a LinkedIn user who was offered an unethical means of gaining a certified ethical hacking certificate.

Unfortunately, this isn’t an isolated case. With cybersecurity skills in high demand and paying high salaries, so-called ‘exam substitution’ services, whereby someone else offers to take the exam in your name, are not hard to find. One such site advertises “EC-Council Certification Without EC-Council Exam Or EC-Council Training. 100% Pass-Guaranteed or 100% Money Back!”. Potential buyers are told that they “no need take exam”, “no need training” and “no need to go anywhere”. Just pay your money and “we’ll deliver the certification right at your doorstep within next 5 days”. The cost? In this particular case, a one-time, up-front payment of $2800.

Such sites have “Scam!” written all over them, and we can’t help feeling that anyone finding themselves empty-handed or receiving a patently phoney “certificate” after trying to unethically obtain an ethical hacking certificate is not only unfit for our profession but also got a rich dose of what they justly deserved.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Incoming IBM CEO Arvind Krishna faces monumental challenges on multiple fronts

Arvind Krishna is not the only CEO to step into a new job this week, but he is the only one charged with helping turn around one of the world’s most iconic companies. Adding to the degree of difficulty, he took the role in the midst of a global pandemic and economic crisis. No pressure or anything.

IBM has struggled in recent years to find its identity as technology has evolved rapidly. While Krishna’s predecessor Ginni Rometty left a complex legacy as she worked to bring IBM into the modern age, she presided over a dreadful string of 22 straight quarters of declining revenue, a record Krishna surely hopes to avoid.

Strong headwinds

To her credit, under Rometty the company tried hard to pivot to more modern customer requirements, like cloud, artificial intelligence, blockchain and security. While the results weren’t always there, Krishna acknowledged in an email employees received on his first day that she left something to build on.

“IBM has already built enduring platforms in mainframe, services and middleware. All three continue to serve our clients. I believe now is the time to build a fourth platform in hybrid cloud. An essential, ubiquitous hybrid cloud platform our clients will rely on to do their most critical work in this century. A platform that can last even longer than the others,” he wrote.

But Ray Wang, founder and principal analyst at Constellation Research, says the market headwinds the company faces are real, and it’s going to take some strong leadership to get customers to choose IBM over its primary cloud infrastructure competitors.

“His top challenge is to restore the trust of clients that IBM has the latest technology and solutions and is reinvesting enough in innovation that clients want to see. He has to show that IBM has the same level of innovation and engineering talent as the hyper scalers Google, Microsoft and Amazon,” Wang explained.

Cultural transformation

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

The U.S. federal government is now in the process of sending Economic Impact Payments by direct deposit to millions of Americans. Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return. The question is, will those non-filers have a chance to claim their payments before fraudsters do?

The IRS says the Economic Impact Payment will be $1,200 for individual or head of household filers, and $2,400 for married filing jointly if they are not a dependent of another taxpayer and have a work eligible Social Security number with adjusted gross income up to:

  • $75,000 for individuals
  • $112,500 for head of household filers and
  • $150,000 for married couples filing joint returns

Taxpayers with higher incomes will receive more modest payments (reduced by $5 for each $100 above the $75,000/$112,500/$150,000 thresholds). Most people who who filed a tax return in 2018 and/or 2019 and provided their bank account information for a debit or credit should soon see an Economic Impact Payment direct-deposited into their bank accounts. Likewise, people drawing Social Security payments from the government will receive stimulus payments the same way.

But there are millions of U.S. residents — including low-income workers and certain veterans and individuals with disabilities — who aren’t required to file a tax return but who are still eligible to receive at least a $1,200 stimulus payment. And earlier today, the IRS unveiled a Web site where it is asking those non-filers to provide their bank account information for direct deposits.

However, the possibility that fraudsters may intercept payments to these individuals seems very real, given the relatively lax identification requirements of this non-filer portal and the high incidence of tax refund fraud in years past. Each year, scam artists file phony tax refund requests on millions of Americans, regardless of whether or not the impersonated taxpayer is actually due a refund. In most cases, the victim only finds out when he or she goes to file their taxes and has the return rejected because it has already been filed by scammers.

In this case, fraudsters would simply need to identify the personal information for a pool of Americans who don’t normally file tax returns, which may well include a large number of people who are disabled, poor or simply do not have easy access to a computer or the Internet. Armed with this information, the scammers need only provide the target’s name, address, date of birth and Social Security number, and then supply their own bank account information to claim at least $1,200 in electronic payments.

Page 1 of 2 in the IRS stimulus payment application page for non-filers.

Unfortunately, SSN and DOB data is not secret, nor is it hard to come by. As noted in countless stories here, there are multiple shops in the cybercrime underground that sell SSN and DOB data on tens of millions of Americans for a few dollars per record.

A review of the Web site set up to accept bank account information for the stimulus payments reveals few other mandatory identity checks to complete the filing process. It appears that all applicants need to provide a mobile phone number and verify they can receive text messages at that number, but beyond that the rest of the identity checks seem to be optional.

For example, Step 2 in the application process requests a number of data points under the “personal verification” heading,” and for verification purposes demands either the amount of the applicant’s Adjusted Gross Income (AGI) or last year’s “self-selected signature PIN.” The instructions say if you do not have or do not remember your PIN, skip this step and follow the instructions in step A above.

More importantly, it appears one doesn’t really need to supply one’s AGI in 2018. “If you didn’t file a return last year, enter 0,” the site explains.

Step 2 in the application for non-filers.

In the “electronic signature,” section at the end of the filing, applicants are asked to provide a cell phone number, to choose a PIN, and provide their date of birth. To check the filer’s identity, the site asks for a state-issued driver’s license ID number, and the ID’s issuance and expiration dates. However, the instructions say “if you don’t have a driver’s license or state issued ID, you can leave the following fields blank.

Alas, much may depend on how good the IRS is at spotting phony applications, and whether the IRS has access to and bothers to check state driver’s license records. But given the enormous pressure the agency is under to disburse these payments as rapidly as possible, it seems likely that at least some Americans will get scammed out of their stimulus payments.

The site built to collect payment data from non-filers is a slight variation on the “Free File Fillable Forms” product, which is a free tax filing service maintained by Intuit — a private company that also processes a huge percentage of tax returns each year through its paid TurboTax platform. According to a recent report from the Treasury Inspector General for Tax Administration, more than 14 million Americans paid for tax preparation services in 2019 when they could have filed them for free using the free-file site.

In any case, perhaps Intuit can help the IRS identify fraudulent applications sent through the non-filers site (such as by flagging users who attempt to file multiple applications from the same Internet address, browser or computer).

There is another potential fraud storm brewing with these stimulus payments. An app is set to be released sometime next week called “Get My Payment,” which is designed to be a tool for people who filed tax returns in 2018 and 2019 but who need to update their bank account information, or for those who did not provide direct deposit information in previous years’ returns.

It’s yet not clear how that app will handle verifying the identity of applicants, but KrebsOnSecurity will be taking a look at the Get My Payment app when it launches later this month (the IRS says it should be available in “mid-April”).

20 Years In The Dark | The Dark Web Turns Twenty: What Does This Mean For A CISO?

Infamous for its illicit trade and now the adopted home of malware authors, purveyors of ransomware and traders in stolen credit card and other misappropriated data, the Dark Web (aka Darknet) has been with us now for two decades. While not everything on the Dark Web is shady – there’s plenty of traffic hidden from sight that is not only benign, but sometimes in the public goodthere’s no doubt that it has acquired a reputation as a place that harbors criminals, malcontents, and threat actors who might be planning on attacking your enterprise. In this post, as the Dark Web turns twenty, we review what it is, where it came from, and most importantly, what it means to today’s CISOs and their security teams.

How the Dark Web Started 20 Years Ago

The Dark Web (sometimes referred to as the “Darknet”) was officially launched 20 years ago, on March 20, 2000 with the release of “Freenet“: a peer-to-peer, decentralised network, designed to make it less vulnerable to attack and snooping by authorities and states.

Freenet was the brainchild of Ian Clarke, who developed the concept and the software tools required to support it during his studies at Edinburgh University. For his thesis project, Clarke created “a Distributed, Decentralised Information Storage and Retrieval System”, through which he hoped he could provide freedom to communicate without the fear of being tracked online.

Freenet is still available today, and it is still free to use. Freenet was mostly about information sharing (including pornographic and pirated materials), but otherwise the hardcore cybercriminals were at this time still using other platforms for their needs such as imageboards like 4Chan and IRC channels.

Peeling the Onion

On 20 September 2002, the The Onion Router (or TOR) Network was created by computer scientists Roger Dingledine and Nick Mathewson. Surprisingly, this semi-anarchist project was mostly funded by the US Naval Research Laboratory, which wished to facilitate safer communication with intelligence sources around the world. This is a critical point. The TOR network is not inherently evil, nor was it architected with bad intent. 

There has always been a need for a network which facilitates a higher level of security communications. This network allows for anonymous sources to be protected in hostile regimes, for example. The adoption of the TOR network by criminals is an unfortunate side-effect, but the value of the network should not be weighed based solely on that as there is also a percentage of legitimate and good activity as well. 

In 2004, the Naval Research Laboratory released the code for TOR under a free license, and the Electronic Frontier Foundation (EFF) began funding Dingledine Mathewson and others to continue its development, until they launched “The TOR Project”, a non-profit organization to help maintain the network.

The Onion Router is the most popular means by which people today access dark web sites. TOR has several search engines, directories and hidden wikis that users can use to navigate their way around the dark web and find the kind of sites they’re looking for. A version of the TOR browser even exists for mobile users. 

TOR greatly simplified access to and use of the Dark Web, and this has led to an explosion of sites offering almost any type of service imaginable, especially for contraband and illicit material – both physical and digital content – using a variety of online payment services like Paypal and Western Union.

Cryptocurrencies, Revolutions and the NSA

It wasn’t until around 2010 when cybercriminals really took to the platform. Forums like the Silk Road netted millions of dollars for their administrators with the aid of another technological development: cryptocurrencies, particularly Bitcoin (BTC) and, later, Monero. Cryptocurrency enables the anonymous transfer of funds and provides a nearly complete smokescreen for both buyers and sellers. 

Later, the Dark Web was used by hacktivists such as the Anonymous collective and Middle Eastern hacktivists involved in the Arab Spring to coordinate attacks on countries, organizations and enterprises.

Darknet users who value their privacy and anonymity also make use of virtual private networks (VPN). The reason for that is to disguise the fact that the user is actually connecting to TOR at all. Without a VPN, even though you may be anonymous, your use of TOR is not. It has been claimed that the NSA tracks the IP addresses of everyone who visits a TOR website, regardless of the content. According to leaks from whistleblower Edward Snowden in 2014, the NSA also collects the IPs of anyone using FreeNet, HotSpotShield, FreeProxies, MegaProxy and Tails. Hence, along with bitcoin, VPNs are part-and-parcel of the darknet user’s technology stack.

And What About the Dark Web Today?

Although the FBI took down the Silk Road and hacktivist activities have declined in recent years, the Dark Web is still a haven of illegal activity. Researchers at King’s College in London classified the contents of 2,723 dark web sites over a five-week period (2015) and found that 57% hosted illicit material.

As for the rest, it is largely a mixture of political dissidents, journalists, and whistelblowers mixed in with a motley crew of people trading esoteric or borderline-legal goods and services that the participants or community would rather not draw attention to. White hat, grey hat and of course, black hat hackers also all make use of the darknet for sharing techniques, intel and various software kits that could be used for both educational and illegal purposes.

Nevertheless, it is important to note that on any given day, there are only a few thousand illicit Dark Web sites that are active and accessible. It is very dynamic, and if we compare the risk of the Dark Web to the “clearnet”, there is no doubt that there are far more threats in the known clearnet than on the Darknet.

How is the Dark Web Relevant to a CISO?

So how is the Dark Web relevant to CISOs and CIOs? The fact that this network exists is in itself no cause for concern. Cybercrime existed before it was fully developed and will continue even if it were to shut down today. Even in that unlikely event, the same traffic would most likely migrate to social media or encrypted messaging apps like Signal, Telegram and WhatsApp.

But in all likelihood, the cybercriminals who are, or might be, relevant to your organization are active on the Dark Web today. Employing proactive threat intelligence from Dark Web sources can provide security teams with additional information that might prove useful for securing your organization against future threats.

Here are some examples of how Dark Web intelligence could be relevant to your security operations:

  • Tracking the development and sale of malware and exploit kits
  • Monitoring data dumps that could contain your IP
  • Finding stolen credentials such as login passwords belonging to your organization
  • Discovering vendors on the Dark Web actively selling access to corporate networks and MSPs

Summary

The Dark Web has been around for two decades, and it seems that it will continue to be with us for some time yet; its shape could change, but its function will likely remain the same. It isn’t the sort of mythical place some imagine it to be; it is real and won’t disappear just by simply looking the other way. But the Dark Web does offer some opportunities: it can provide us with useful intelligence. The SentinelLabs team regularly monitors the Dark Web and provides actionable intelligence for our customers.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

German security firm Avira has been acquired by Investcorp at a $180M valuation

Mergers and acquisitions largely grinded to a halt at the end of March, in the wake of the coronavirus pandemic spreading around the world, but today comes news of a deal out of Europe that underscores where pockets of activity are still happening. Avira, a cybersecurity company based out of Germany that provides antivirus, identity management and other tools both to consumers and as a white-label offering from a number of big tech brands, has been snapped up by Investcorp Technology Partners, the PE division of Investcorp Bank. Investcorp’s plan is to help Avira make acquisitions in a wider security consolidation play.

The financial terms of the acquisition are not being disclosed in the companies’ joint announcement, but the CEO of Avira, Travis Witteveen, and ITP’s MD, Gilbert Kamieniecky, both said it gives Avira a total valuation of $180 million. The deal will involve ITP taking a majority ownership in the company, with Avira founder Tjark Auerbach retaining a “significant” stake of the company in the deal, Kamieniecky added.

Avira is not a tech startup in the typical sense. It was founded in 1986 and has been bootstrapped (in that it seems never to have taken any outside investment as it has grown). Witteveen said that it has “tens of millions” of users today of its own-branded products — its anti-virus software has been resold by the likes of Facebook (as part of its now-dormant antivirus marketplace) — and many more via the white-label deals it makes with big names. Strategic partners today include NTT, Deutsche Telekom, IBM, Canonical and more.

He said that the company has had many strategic approaches for acquisition from the ranks of tech companies, and also from more typical investors, but these were not routes that it has wanted to follow, since it wanted to grow as its own business, and needed more of a financial injection to do that than what it could get from more standard VC deals.

“We wanted a partnership where someone could step in and support our organic growth, and the inorganic [acquisition] opportunity,” he said.

The plan will be to make more acquisitions to expand Avira’s footprint, both in terms of products and especially to grow its geographic footprint: today the company is active in Asia, Europe and to a lesser extent in the US, while Investcorp has a business that also extends deep into the Middle East.

Cybersecurity, meanwhile, may never go out of style as an investment and growth opportunity in tech. Not only have cyber threats become more sophisticated and ubiquitous and targeted at individual consumers and businesses over the last several years, but our increasing reliance on technology and internet-connected systems will increase the demand and need to keep these safe from malicious attacks.

That has become no more apparent than in recent weeks, when much of the world’s population has been confined to shelter in place. People have in turn spent unprecedented amounts of time online using their phones, computers and other devices to read news, communicate with their families and friends, entertain themselves, and do critical work that they may have in part done in the past offline.

“In the current market, you can imagine a lot are concerned about the uncertainties of the technology landscape, but this is one that continues to thrive,” said Kamieniecky. “In security, we have seen companies develop quite rapidly and quickly, and here we have an opportunity to do that.”

Avira has been somewhat of a consolidator up to now, buying companies like SocialShield (which provided online security specifically for younger and social media users), while ITP, with Investcorp having some $34 billion under management, has made many acquisitions (and divestments) over the years, with some of the tech deals including Ubisense, Zeta Interactive and Dialogic.

Pepper, a platform for restaurants and suppliers, pivots to deliver food to consumers

Though the effects of the coronavirus pandemic on restaurants has been crystal clear, many forget the impact this disease has had on food chain suppliers. With restaurants closed, these suppliers — who still have access to tons upon tons of food — no longer have customers.

Meanwhile, end consumers are dealing with their own stresses around securing food, deciding between venturing out to the grocery store and ordering food through increasingly unreliable grocery delivery services.

That’s where Pepper comes in.

Pepper launched late last year with an enterprise product focused on connecting restaurants with their suppliers. Most restaurants have 6+ different suppliers, and manually placed orders with each of them individually each night either by email, voicemail or text message. Oftentimes, there was no confirmation that the order was received, with employees receiving orders and hoping that everything arrived on time as it was requested.

To digitize the industry, Pepper developed an app that let restaurants input the contact information of suppliers and place orders quickly, and then let those suppliers press a single button to confirm the order was received and in progress.

In the six months since launch, things have changed dramatically for the startup, which has led co-founder and CEO Bowie Cheung to rethink the business.

Alongside facilitating orders between restaurants and suppliers, Pepper has now opened up a consumer-facing portal called Pepper Pantry, allowing everyday users to place an order directly with a food supplier.

Folks pay a flat $5 payments processing fee on the platform, and can choose from fresh meats, produce, dairy and other categories to have food delivered directly to their home.

Of course, this involved considerable adaptation on the part of Pepper and their suppliers, who are used to shipping pallets of food rather than bags or boxes. However, it has created some jobs on the supplier side as folks repackage food to amounts that are suitable for families or individuals, rather than businesses.

Cheung says the portions are still ‘bulk’ but more on par with a Sam’s Club or Costco purchase than the types of orders restaurants were placing.

Suppliers are able to choose their minimum order amount, which can range between $0 and $150. Thus far, eight suppliers have signed on to the Pepper Pantry platform, serving the greater NYC area (NYC, NJ, CT) and the greater Boston area.

Pepper declined to disclose its total funding amount, but did share that it has received investment from Greylock’s Mike Duboe and Box Group.

Free tool helps manufacturers map where COVID-19 impacts supply chain

Assent Compliance, a company that helps large manufacturers like GE and Rolls Royce manage complex supply chains through an online data exchange, announced a new tool this week that lets any company, whether they’re a customer or not, upload bills of materials and see on a map where COVID-19 is having an impact on their supply chain.

Company co-founder Matt Whitteker, says the Ottawa startup focuses on supply chain data management, which means it has the data and the tooling to develop a data-driven supply chain map based on WHO data identifying COVID hotspots. He believes that his is the only company to have done this.

“We’re the only ones that have taken supply chain data and applied it to this particular pandemic. And it’s something that’s really native to our platform. We have all that data on hand — we have location data for suppliers. So it’s just a matter of applying that with third-party data sources (like the WHO data), and then extracting valuable business intelligence from it,” he said.

If you want to participate, you simply go to the company website and fill out a form. A customer success employee will contact you and walk you through the process of uploading your data to the platform. Once they have your data, they generate a map showing the parts of the world where your supply chain is most likely to be disrupted, identifying the level of risk based on your individual data.

The company captures supply chain data as part of the act of doing business with 1,000 customers and 500,000 suppliers currently on their platform. “When companies are manufacturing products they have what’s called a bill of materials, kind of like a recipe. And companies upload their bill of materials that basically outlines all their parts, components and commodities, and who they get them from, which basically represents their supply chain,” Whitteker explained.

After the company uploads the bill of materials, Assent opens a portal for the companies to exchange data, which might be tax forms, proof of sourcing or any kind of information and documentation the manufacturer needs to comply with legal and regulatory rules around procurement of a given part.

They decided to start building the COVID-19 map application when they recognized that this was going to have the biggest supply chain disruption the world has seen since World War II. It took about a month to build it. It went into beta last week with customers and over 350 signed up in the first two hours. This week, they made the tool generally available to anyone, even non-customers, for free.

The company was founded in 2016 and has raised $220 million, according to Whitteker.

The Great Transition: Transforming Your Business To Survive COVID-19

Look inwards to your company mission & culture to make the best decisions for your teams and customers in this crisis.

In a matter of just a few weeks, businesses around the world have begun to engage in the largest exercise in organizational change ever conducted, and at a pace that, like the Coronavirus pandemic that precipitated it, is entirely unprecedented. There are no textbooks, use cases or research studies on how to conduct such a rapid and fundamental transformation successfully. For all of us, everywhere, this is causing us to change on a continuous and real time basis.

Despite that, and despite the personal, professional, and organizational strains that this situation has rapidly thrust upon us, adhering to the same principles of effective leadership, organizational resilience, and human empathy that have brought success in the past will serve well here, too. This is no “quick win” strategy. It’s time to double-down on the core tenets of your organizational culture. 

SentinelOne took an early and decisive approach to the emerging COVID-19 situation back in February. In this post, we will share some of the principles and best practices that have helped us to successfully navigate this sudden upheaval to our business, our clients, and our team members.

It’s the People That Matter

SentinelOne is, at heart, a people company. Our product is driven by people creating AI models and writing code. Our business is driven by social interactions between our teams and our customers. Getting to know our customers and their unique needs, whether it’s in their own workplaces or at conferences, small or large, and building relationships that last is central to what we do. The same principle underlies our approach to our people and our talent. Our people define our success, and the strength of our teams is built on open, inclusive communication that is fostered across all levels and regions and reflected throughout the organization. Shutting doors and social distancing is not in our DNA, so how have we managed the great Coronavirus transition?

Act Early, Act Decisively

Like many companies, particularly in the tech sector, we are not entirely new to the concept of remote work, but we believe that even for companies that have no experience of supporting a remote workforce, the challenges are really less about technology and more about culture and leadership.

As the likelihood of the Coronavirus becoming pandemic rose sharply during February 2020, SentinelOne began offering the early option for our teams to work from home well before formal public directives were issued. We also adjusted travel guidelines and implemented visitor and guest policies at all SentinelOne sites. By getting out ahead of the problem, we bought time to implement further changes along the way. 

Wherever you are now in your journey, you can still get ahead of the game. Preempt the possibilities for where you could be and start your journey. Do not hedge between “best case” and “worst case” scenarios at this point, but act quickly to address the most essential needs of your teams and customers that you see in front of you. Taking this first step starts the journey and builds the path forward.

Foster Awareness & Empathy

Technological aspects aside, the shift to remote work may be challenging for many of your teams. It is crucial that leaders raise awareness of the reality of remote work and give managers and their teams the support they need.

Working from home for those not regularly doing it places many strains on your employees, from finding the right environment for effective work to juggling relationships and duties as partners, parents, teachers, and caregivers. We are all multi-tasking now, and we’re working in spaces that, unlike our purpose-built office spaces, were not designed for the job. Remote work blurs the boundaries between work and life at the best of times. With the restrictions and worries brought about by both the pandemic and working from home, this is even more true.

It’s not only important to recognize these challenges, but to communicate to your team members that you recognize them. Remind them that they are trusted and valued and acknowledge the unprecedented nature of the situation. At SentinelOne, we created a Work From Home Handbook providing essential tips to employees, and we maintain a Wiki with updated information and guidance on things like hand hygiene and WHO recommendations. We’ve also published posts, webinars, and other digital assets on best practices for working from home and using remote software securely.

image showing tips on how you can help prevent the spread of illnesses such as coranavirus and flu

Engaged Leadership & “Relentless” Communication

Frequent and authentic communication is ever more important as each day brings more uncertainty. 

At SentinelOne, we prioritized this top-down, bottom-up, peer to peer as well as site/geo specific communication. Starting with frequent updates from our CEO and leadership team and All Hands, we also opened up several other channels. We set up Slack channels specific to COVID-related issues, resources, and news for every region that are being updated real time. It turned out to be a huge platform for team connection and communication: not only were we able to cascade policy and resource updates, but it also led to a huge outpouring as our teams shared their own news and updates and consulted with each other around the clock.

Our leaders and teams were already well-versed with using virtual communication tools like Zoom, but now they also use them to create virtual All Hands meetings, team “happy hours” and celebrations.

Our teams are using their innovative DNA to make this as live and as close to face-time interaction as possible. The latest in this is our virtual corridor called “S1 Living Room.” This virtual room is open all day and you can enter at any moment, drink coffee together, have a talk, connect on your hobbies, your pets or even join a Yoga class at scheduled times.

We set up a global cross-functional/cross-site COVID task force that meets every week to problem-solve in real time and pass on insights to the team managers, who connect often and share resources with their teams.

Therefore, there are a number of ways you can use your communication platform effectively. Create channels both by team but also by region and even local area, depending on the structure of your organization. As we are all isolated at home, it’s important to know what else is going on around us, and knowledge-sharing about local conditions – in both business and social spheres – is an important part of ensuring everyone stays connected, motivated and on top of their game. Physical distancing does not have to preclude social interaction! 

Team Safety & Wellness

Awareness and empathy around the current situation needs to be backed up and reflected in company policies. At SentinelOne, we have realigned our family benefits, sick leave policies, disability and wellness benefits globally to prioritize the safety of our teams and to support the mass shift to working from home. We are always checking in with managers and standing by to support team members and their families if they get sick, such as by sending them care packages to show our support. 

Also, we realized early by listening to our teams that one size does not fit all. For instance, our Tel Aviv site needed more support for families adapting to work from home via additional baby-sitting allowances, but our US and EMEA teams had other needs. This led us to set up a monthly team allowance for them that could be used for supporting family or wellness or home IT needs. Additionally, where we provided free lunches and snacks in our onsite kitchens and cafeterias, we now replaced that with reimbursement for food delivery.

In office spaces, there are regulations around things like ergonomics, work-to-break time intervals, and many other practices to ensure the health and safety of staff. As your people transition to remote work, they need help and support to take effective responsibility for these kinds of issues themselves. SentinelOne communicates this kind of information through wellness resources on our Slack channels and publishes resources to support physical wellness through providing live streaming of free classes and also providing resources to support mental and financial wellness.

Business Continuity

It’s vital in these uncertain times to ensure that you can continue to operate effectively, serve customers, and manage your data securely. Crucial Information Technology services must be prioritized, and as you transition teams to remote work, do so in the knowledge that the COVID-19 pandemic creates new vectors for threat actors to exploit.

The SentinelOne IT & Operations team began preparations a few weeks before we physically moved to work from home. We foresaw a shortage of computing resources and stocked up on laptops and other equipment beforehand. We also allowed staff to take home any necessary equipment such as monitors, chairs, and keyboards that would facilitate the transition to working from home.

Update your teams on safety and security procedures, and deploy endpoint security software on all business machines. All SentinelOne company computers are remotely administered and protected by a variety of tools, including our own endpoint security platform. It’s also important to ensure that all computers are updated to the latest versions of operating systems and software, and that all employees have appropriate licenses for the software they need to continue working.

Ensure teams are using an appropriate and secure VPN when connecting to corporate assets, and increase the visibility of your IT and Security teams so that staff feel confident to approach them if they have concerns. 

Beyond ensuring the delivery of critical business infrastructure, consider revisiting your product/business roadmap. What is most crucial in the current crisis? What can you confidently execute on and deliver to customers? Where you have to make changes that affect earlier market promises, communicate those to customers early and transparently. Form tiger teams to address projects that face significant obstacles but which must still be delivered.  

Looking Ahead

There is no doubt that the COVID-19 pandemic is, and will continue to be, a major challenge for organizations throughout 2020 and perhaps even beyond. In order to address the problems presented by this crisis, it’s crucial to act early and decisively, ensure teams are informed and equipped to work effectively, and that you lead from the front. At SentinelOne, we are confident in the knowledge that our people, our culture, and our organizational practices will steer us through these turbulent times. We hope this post has provided some ideas that you can successfully adopt that will help your organization, too. This pandemic will pass, and we all need not only to navigate safely through the choppy waters of today but also to envision and plan for the things to come in the post-COVID-19 world. 

We look forward to seeing you on the other side, with your teams healthy and your business in good shape!


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security