Khalil Sehnaoui

Last updated
Khalil Sehnaoui
Khalil Sehnaoui.jpeg
Sehnaoui in 2015
Born (1975-05-23) May 23, 1975 (age 49)
Beirut, Lebanon
Nationality Lebanese, Belgian
Education Economics
Business Management
Finance
Computer science
Occupation Information Security Consultant Information Technology Consultant Actor
OrganizationKrypton Security
Known forComputer Security Consulting, Hacking and Commentary, Acting
Parents
Relatives Nicolas Sehnaoui (Cousin) Antoun Sehnaoui (Cousin)
Website Khalil Sehnaoui

Khalil Sehnaoui is a Belgian-Lebanese information security consultant [1] who specialises in the Middle-East [2] and the founder [3] and managing partner of Beirut-based Krypton Security. [4] [5] He is also a member of the Chaos Computer Club (CCC), [6] Europe's largest association of hackers. [7] In 2021 Sehnaoui started an acting career by featuring in the TV mini series The Role [8] and the TV series Al Hayba .

Contents

Background

He co-founded and is a managing partner at the security firm Krypton Security which helps test companies' security strengths, weaknesses, and potential loopholes.

In an online report published on April 6, 2016, Sehnaoui was listed as one of the top 100 influencers in Information Security. [9]

Sehnaoui is often called upon to comment in media about Information Security matters. [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20]

Early life and education

Sehnaoui was born in Beirut, to parents Marwan Sehnaoui and Mouna Bassili Sehnaoui, on 23 May 1975 and grew up living between Paris, France and Beirut, Lebanon. His father is the President of the Lebanese Order of Malta [21] and his mother is a Middle-East painter. [22]

He attended College Stanislas in Paris as well as Collège Louise Wegman in Beirut, following which he earned a BA in Management from Universite Saint Joseph in Beirut as well as a Masters in Economics.

Media and television

Media

Sehnaoui was featured in The Guardian's video series "The Power of Privacy" in 2015. [23]

In May 2017 Sehnaoui went viral on Twitter [24] and the internet after tweeting about getting revenge on loud and rude customers in a coffee shop. [25] The customers were being loud and rude to waiters, and were having a very voluble conversation about their perfect new business name. [26] As a retaliation Sehnaoui registered the domain name and tweeted about it. According to Mashable, "Twitter users praised Sehnaoui for his act of digital savagery". [27]

Television

Sehnaoui was also featured on National Geographic in 2017 in the series Breakthrough , [28] produced by Ron Howard and Brian Grazer, Season 2 Episode 2, Cyber-Terror. This episode offered "An exclusive look inside the shadowy world of hackers, where good battles evil with the security of the world at stake. This episode follows “white-hat” hackers Jayson Street, Darren Kitchen and Khalil Sehnaoui, security specialists who combine clever coding with “Mission: Impossible”-style “social engineering.” " [29] [30]

Books

In 2019 Sehnaoui was featured amongst 70 information security professionals in a book called "Tribe of Hackers", [31] a collection of industry, career, and personal insights from cybersecurity luminaries. The book quickly rose to the #1 spot of new releases on Amazon in the Computer Security and encryption category. [32]

Controversies

In 2015 there was a controversy when Sehnaoui identified that Silent Circle's warrant canary had been removed from their site. [33] Sehnaoui was also prominently featured in a video series by The Guardian about privacy risks [34] and is often called upon to comment on recent Information Security news. [35] [36] Before founding an information security firm he attempted to improve patient representation in the Lebanese insurance industry. [37]

Starting January 2016 there were reports that the Islamic State allegedly built a new Android app called Alrawi for exchanging encrypted messages, [38] based on claims from online counter-terrorism firm Ghost Security Group (GSG). The claim was quickly reprinted by Newsweek , Fortune and TechCrunch, among others. [39] [40] Sehnaoui was one of the security specialists that helped debunk the myth of this tool, showing that it was just a "bad media mock-up to try and get some attention". [41]

In July 2018, he was arrested for alleged piracy of several Lebanese companies and government institutions, his detention was illegal as there is a legal vacuum in Lebanese laws about cybercrime. He was released after being questioned and no charges were brought against him.

Related Research Articles

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, & cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

<span class="mw-page-title-main">Window Snyder</span> Computer security expert (born 1975)

Mwende Window Snyder, better known as Window Snyder, is an American computer security expert. She has been a top security officer at Square, Inc., Apple, Fastly, Intel and Mozilla Corporation. She was also a senior security strategist at Microsoft. She is co-author of Threat Modeling, a standard manual on application security.

Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense.

Silent Circle is an encrypted communications firm based in Washington DC. Silent Circle provides multi-platform secure communication services for mobile devices and desktops. Launched October 16, 2012, the company operates under a subscription business model. The encryption part of the software used is free software/open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

<span class="mw-page-title-main">Telegram (software)</span> Cross-platform instant messaging service

Telegram Messenger, commonly known as Telegram, is a cloud-based, cross-platform, instant messaging (IM) service. It was originally launched for iOS on 14 August 2013 and Android on 20 October 2013. It allows users to exchange messages, share media and files, and hold private and group voice or video calls as well as public livestreams. It is available for Android, iOS, Windows, macOS, Linux, and web browsers. Telegram also offers end-to-end encryption in voice and video calls, and in optional private chats, which Telegram calls Secret Chats.

<span class="mw-page-title-main">Open Whisper Systems</span> Open source software organization

Open Whisper Systems was a software development group that was founded by Moxie Marlinspike in 2013. The group picked up the open source development of TextSecure and RedPhone, and was later responsible for starting the development of the Signal Protocol and the Signal messaging app. In 2018, Signal Messenger was incorporated as an LLC by Moxie Marlinspike and Brian Acton and then rolled under the independent 501c3 non-profit Signal Technology Foundation. Today, the Signal app is developed by Signal Messenger LLC, which is funded by the Signal Technology Foundation.

<span class="mw-page-title-main">Windows 10</span> Tenth major release of Windows NT, released in 2015

Windows 10 is a major release of Microsoft's Windows NT operating system. It is the direct successor to Windows 8.1, which was released nearly two years earlier. It was released to manufacturing on July 15, 2015, and later to retail on July 29, 2015. Windows 10 was made available for download via MSDN and TechNet, as a free upgrade for retail copies of Windows 8 and Windows 8.1 users via the Microsoft Store, and to Windows 7 users via Windows Update. Windows 10 receives new builds on an ongoing basis, which are available at no additional cost to users, in addition to additional test builds of Windows 10, which are available to Windows Insiders. Devices in enterprise environments can receive these updates at a slower pace, or use long-term support milestones that only receive critical updates, such as security patches, over their ten-year lifespan of extended support. In June 2021, Microsoft announced that support for Windows 10 editions which are not in the Long-Term Servicing Channel (LTSC) will end on October 14, 2025.

Wire Swiss GmbH is a software company with headquarters in Zug, Switzerland. Its development center is in Berlin, Germany. The company is best known for its messaging application called Wire.

<span class="mw-page-title-main">Doxbin (darknet)</span> Defunct document sharing website

Doxbin was an onion service. It was a pastebin primarily used by people posting personal data of any person of interest.

Mouna Bassili Sehnaoui is a Lebanese painter, writer and artist.

<span class="mw-page-title-main">Katie Moussouris</span> American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. Previously a member of @stake, she created the bug bounty program at Microsoft and was directly involved in creating the U.S. Department of Defense's first bug bounty program for hackers. She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, and currently is the founder and CEO of Luta Security.

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides cloud workload and endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of several high-profile cyberattacks, including the 2014 Sony Pictures hack, the 2015–16 cyber attacks on the Democratic National Committee (DNC), and the 2016 email leak involving the DNC.

Justin Cappos is a computer scientist and cybersecurity expert whose data-security software has been adopted by a number of widely used open-source projects. His research centers on software update systems, security, and virtualization, with a focus on real-world security problems.

Lebanese people, who come from various religious and ethnic groups, form a distinct community in Belgium as part of the global Lebanese diaspora. It was estimated in 2006 that there were 8,000 Belgians who identified as Lebanese in terms of origin or descent. More recent estimates put their numbers at only 3,500. The majority are Belgian citizens and live in major cities such as Brussels and Antwerp. In addition, it was reported the same year that 1,200 were living in Lebanon. They sometimes refer to themselves as Belgo-Libanais in French or Belgisch-Libanees in Dutch.

<span class="mw-page-title-main">Reception and criticism of WhatsApp security and privacy features</span> Reception and criticism of security and privacy features in the WhatsApp messaging service

This article provides a detailed chronological account of the historical reception and criticism of security and privacy features in the WhatsApp messaging service.

ExpressVPN is a VPN service which offers privacy and security software that encrypts users' web traffic and masks their IP addresses. It is offered by a Hong Kong-based company registered in the British Virgin Islands as Express Technologies Ltd.

<span class="mw-page-title-main">HMA (VPN)</span> Virtual private network service founded in 2005

HMA is a VPN service founded in 2005 in the United Kingdom. It has been a subsidiary of the Czech cybersecurity company Avast since 2016.

ShinyHunters is a black-hat criminal hacker group that is believed to have formed in 2020 and is said to have been involved in numerous data breaches. The stolen information is often sold on the dark web.

References

  1. "Gun Ownership, Religion And Other Details For Millions Leaked". The Washington Times. The Washington Times, LLC. June 23, 2016. Retrieved 24 June 2016.
  2. "French government considers law that would outlaw strong encryption". The Daily Dot. SlashDot. January 12, 2016. Retrieved 12 January 2016.
  3. "Why Chrysler's car hack 'fix' is staggeringly stupid". ZDnet. CBS Interactive. July 27, 2015. Retrieved 30 November 2015.
  4. "Les banques sont-elles à l'abri des cyberattaques ?". Le Commerce du Levant. Société de press et d’édition libanaise S.A.L. 4 March 2014. Retrieved 3 November 2015.
  5. "Cybersecurity risks loom for Lebanese banks". Daily Star. 20 January 2014. Retrieved 3 November 2015.
  6. "Kazakhstan will force its citizens to install internet backdoors". ZDNet. CBS Interactive. 3 December 2015. Retrieved 3 December 2015.
  7. "CCC | Home".
  8. "Khalil Sehnaoui". IMDb. 3 November 2021. Retrieved 3 November 2021.
  9. "Cyber Security and InfoSec: Top 100 Influencers and Brands". Joe Fields. OnAlytica. 6 April 2016. Retrieved 8 April 2016.
  10. "Game of Thrones can teach you valuable security lessons". Vincenzo Marsden. CSO. 1 August 2016. Retrieved 1 August 2016.
  11. "Hack of NSA-linked Group Is Legitimate, Cybersecurity Firm Says". Patrick Howell O'Neill. The Daily Dot. 16 August 2016. Retrieved 18 August 2016.
  12. "Cisco patches 'ExtraBacon' zero-day exploit leaked by NSA hackers". Patrick Howell O'Neill. The Daily Dot. 17 August 2016. Retrieved 18 August 2016.
  13. "FBI director: 'There is no such thing as absolute privacy in America'". Patrick Howell O'Neill. The Daily Dot. 30 August 2016. Retrieved 1 September 2016.
  14. "Cybersecurity Experts: Trump Profoundly Misunderstands Hacking'". Kevin Collier. Vocativ. 12 December 2016. Retrieved 13 December 2016.
  15. "After Outcry, Trump's Twitter Switches From Gmail To Gov Address". Kevin Collier. Vocativ. 26 January 2017. Retrieved 28 January 2017.
  16. "Enterprise Intelligence Brief: Threat Hunting Takes Center Stage". Natasha Bishop. IBM, Inc. 1 February 2017. Retrieved 1 February 2017.
  17. "These Arab Hackers Want To Make America Safe Again -- Will Trump Let Them?". Thomas Fox-Brewster. Forbes. 7 February 2017. Retrieved 9 February 2017.
  18. "Islamic State Supporters Hit By Android Malware On Telegram". Patrick O'Neill. Cyberscoop. 9 February 2017. Retrieved 15 February 2017.
  19. "Confide, A Favourite App Of Trump's White House, Is 'A Triumph Of Marketing Over Substance'". Patrick O'Neill. Cyberscoop. 15 February 2017. Retrieved 15 February 2017.
  20. "Security lapse exposed New York airport's critical servers for a year". Zack Whittaker. CBS Interactive. 24 February 2017. Retrieved 24 February 2017.
  21. "Rencontres A Mokhtara Entre l'Ordre De Malte Et L'Association Abou Hassan Aref Halaoui". L'Orient Le Jour. Orient-Le-Jour. 17 November 2015. Retrieved 17 November 2015.
  22. "Byblos, Lebanon's Ancient Port, Is Reborn". The New York Times. 31 December 2009. Retrieved 4 December 2015.
  23. "The Power of Privacy – film". Aleks Krotoski. Guardian News and Media Limited. 28 January 2016. Retrieved 18 May 2017.
  24. "Sehnaoui's Tweet". Twitter. 17 May 2017. Retrieved 22 May 2017.
  25. "Coffee Shop Customer Delivers 'Obnoxious' Table Neighbors A Delicious Lesson". Lee Moran. TheHuffingtonPost.com, Inc. 20 May 2017. Retrieved 22 May 2017.
  26. "How one man wreaked ingenious revenge on rude customers in a coffee shop". Adam Boult. Telegraph Media Group Limited. 19 May 2017. Retrieved 22 May 2017.
  27. "Man Gets Revenge On Rude People In Coffee Shop". April Hautea. Mashable, Inc. 20 May 2017. Retrieved 22 May 2017.
  28. "Breakthrough - Cyber Terror". National Geographic. National Geographic Partners, LLC. 9 May 2017. Archived from the original on 2017-05-17. Retrieved 18 May 2017.
  29. "Breakthrough: Season Two Announced for Nat Geo Series". Jessica Pena. TV Series Finale. 14 April 2017. Retrieved 18 May 2017.
  30. "Nat Geo's Next Ep of 'Breakthrough' Proves We Can't Afford to Trust Each Other". Brady Dale. Observer. 5 May 2017. Retrieved 18 May 2017.
  31. "Tribe of Hackers". Marcus J. Carey. Threatcare. 9 February 2019. Retrieved 9 February 2019.
  32. Tribe of Hackers. Independently Published. 9 February 2019. ISBN   978-1793464187.{{cite book}}: |work= ignored (help)
  33. "Silent Circle: We haven't been served a single demand for data". ZDNet. CBS Interactive. 8 March 2015. Retrieved 3 November 2015.
  34. "The power of privacy (2/5): Hacking exposed: the tricks of the trade". The Guardian. Guardian News and Media. 29 September 2015. Retrieved 3 November 2015.
  35. "#TangoDown: The 'Biggest Ever' Web Attack That Wasn't". ZDnet. CBS Interactive. 14 January 2016. Retrieved 15 January 2016.
  36. "18 Million Targeted Voter Records Exposed By Database Error". CSO Online. IDG Enterprise. 4 January 2016. Retrieved 4 January 2016.
  37. "Healthcare -- Between Payment and Patient". Executive Magazine. Newsmedia S.A.L. 1 August 2008. Retrieved 3 November 2015.[ permanent dead link ]
  38. "Researchers: ISIS Has Built A Secure Messaging App". Defense One. National Journal Group, Inc. 16 January 2016. Retrieved 27 January 2016.
  39. "ISIS Creates Its Own Secure Messaging App". NewsWeek. Newsweek LTD. 14 January 2016. Retrieved 27 January 2016.
  40. "ISIS Has Its Own Encrypted Chat App". TechCrunch. AOL, Inc. 16 January 2016. Retrieved 27 January 2016.
  41. "The myth of the ISIS Encrypted Messaging App". The Daily Dot. SlashDot. 27 January 2016. Retrieved 27 January 2016.