Khalil Sehnaoui

Last updated
Khalil Sehnaoui
Khalil Sehnaoui.jpeg
Sehnaoui in 2015
Born (1975-05-23) May 23, 1975 (age 49)
Beirut, Lebanon
Nationality Lebanese, Belgian
Education Economics
Business Management
Finance
Computer science
Occupation Information Security Consultant Information Technology Consultant Actor
OrganizationKrypton Security
Known forComputer Security Consulting, Hacking and Commentary, Acting
Parents
Relatives Nicolas Sehnaoui (Cousin) Antoun Sehnaoui (Cousin)
Website Khalil Sehnaoui

Khalil Sehnaoui (born 23 May 1975) is a Belgian-Lebanese information security consultant [1] who specialises in the Middle-East [2] and the founder [3] and managing partner of Beirut-based Krypton Security. [4] [5] He is also a member of the Chaos Computer Club (CCC), [6] Europe's largest association of hackers. [7] In 2021, Sehnaoui started an acting career by featuring in the TV mini series The Role [8] and the TV series Al Hayba .

Contents

Background

He co-founded and is a managing partner at the security firm Krypton Security which helps test companies' security strengths, weaknesses, and potential loopholes.

In an online report published on April 6, 2016, Sehnaoui was listed as one of the top 100 influencers in Information Security. [9]

Sehnaoui is often called upon to comment in media about Information Security matters. [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20]

Early life and education

Sehnaoui was born in Beirut, to parents Marwan Sehnaoui and Mouna Bassili Sehnaoui, on 23 May 1975 and grew up living between Paris, France, and Beirut. His father is the President of the Lebanese Order of Malta [21] and his mother is a Middle-East painter. [22]

He attended College Stanislas in Paris as well as Collège Louise Wegman in Beirut, following which he earned a BA in Management from Universite Saint Joseph in Beirut as well as a Masters in Economics.

Media and television

Media

Sehnaoui was featured in The Guardian's video series "The Power of Privacy" in 2015. [23]

In May 2017 Sehnaoui went viral on Twitter [24] and the internet after tweeting about getting revenge on loud and rude customers in a coffee shop. [25] The customers were being loud and rude to waiters, and were having a very voluble conversation about their perfect new business name. [26] As a retaliation Sehnaoui registered the domain name and tweeted about it. According to Mashable, "Twitter users praised Sehnaoui for his act of digital savagery". [27]

Television

Sehnaoui was also featured on National Geographic in 2017 in the series Breakthrough , [28] produced by Ron Howard and Brian Grazer, Season 2 Episode 2, Cyber-Terror. This episode offered "An exclusive look inside the shadowy world of hackers, where good battles evil with the security of the world at stake. This episode follows “white-hat” hackers Jayson Street, Darren Kitchen and Khalil Sehnaoui, security specialists who combine clever coding with “Mission: Impossible”-style “social engineering.” " [29] [30]

Books

In 2019, Sehnaoui was featured amongst 70 information security professionals in a book called "Tribe of Hackers", [31] a collection of industry, career, and personal insights from cybersecurity luminaries. The book quickly rose to the #1 spot of new releases on Amazon in the Computer Security and encryption category. [32]

Controversies

In 2015, there was a controversy when Sehnaoui identified that Silent Circle's warrant canary had been removed from their site. [33] Sehnaoui was also prominently featured in a video series by The Guardian about privacy risks [34] and is often called upon to comment on recent Information Security news. [35] [36] Before founding an information security firm he attempted to improve patient representation in the Lebanese insurance industry. [37]

Starting January 2016, there were reports that the Islamic State allegedly built a new Android app called Alrawi for exchanging encrypted messages, [38] based on claims from online counter-terrorism firm Ghost Security Group (GSG). The claim was quickly reprinted by Newsweek , Fortune and TechCrunch, among others. [39] [40] Sehnaoui was one of the security specialists that helped debunk the myth of this tool, showing that it was just a "bad media mock-up to try and get some attention". [41]

In July 2018, he was arrested for alleged piracy of several Lebanese companies and government institutions, his detention was illegal as there is a legal vacuum in Lebanese laws about cybercrime. He was released after being questioned and no charges were brought against him.

Related Research Articles

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, and cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

<span class="mw-page-title-main">ESET</span> Slovak internet security company

ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe and provides security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages.

<span class="mw-page-title-main">Window Snyder</span> Computer security expert (born 1975)

Mwende Window Snyder, better known as Window Snyder, is an American computer security expert. She has been a top security officer at Square, Inc., Apple, Fastly, Intel and Mozilla Corporation. She was also a senior security strategist at Microsoft. She is co-author of Threat Modeling, a standard manual on application security.

<span class="mw-page-title-main">Outlook.com</span> Microsoft webmail service

Outlook.com, formerly Hotmail, is a free personal email service offered by Microsoft. This includes a webmail interface featuring mail, calendaring, contacts, and tasks services. Outlook can also be accessed via email clients using the IMAP or POP protocols.

Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor is a free overlay network for enabling anonymous communication. Built on free and open-source software and more than seven thousand volunteer-operated relays worldwide, users can have their Internet traffic routed via a random path through the network.

LastPass is a password manager application. The standard version of LastPass comes with a web interface, but also includes plugins for various web browsers and apps for many smartphones. It also includes support for bookmarklets.

Silent Circle is an encrypted communications firm based in Washington DC. Silent Circle provides multi-platform secure communication services for mobile devices and desktops. Launched October 16, 2012, the company operates under a subscription business model. The encryption part of the software used is free software/open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses.

The dark web is the World Wide Web content that exists on darknets that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

<span class="mw-page-title-main">Open Whisper Systems</span> Open source software organization

Open Whisper Systems was a software development group that was founded by Moxie Marlinspike in 2013. The group picked up the open source development of TextSecure and RedPhone, and was later responsible for starting the development of the Signal Protocol and the Signal messaging app. In 2018, Signal Messenger was incorporated as an LLC by Moxie Marlinspike and Brian Acton and then rolled under the independent 501(c)(3) non-profit Signal Technology Foundation. Today, the Signal app is developed by Signal Messenger LLC, which is funded by the Signal Technology Foundation.

<span class="mw-page-title-main">Threema</span> Instant messaging smartphone service

Threema is a paid cross-platform encrypted instant messaging app developed by Threema GmbH in Switzerland and launched in 2012. The service operates on a decentralized architecture and offers end-to-end encryption. Users can make voice and video calls, send photos, files, and voice notes, share locations, and make groups. Unlike many other popular secure messaging apps, Threema does not require phone numbers or email addresses for registration, only a one-time purchase that can be paid via an app store or anonymously with Bitcoin or cash.

<span class="mw-page-title-main">Katie Moussouris</span> American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. Previously a member of @stake, she created the bug bounty program at Microsoft and was directly involved in creating the U.S. Department of Defense's first bug bounty program for hackers. She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, and currently is the founder and CEO of Luta Security.

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services.

Justin Cappos is a computer scientist and cybersecurity expert whose data-security software has been adopted by a number of widely used open-source projects. His research centers on software update systems, security, and virtualization, with a focus on real-world security problems.

Lebanese people, who come from various religious and ethnic groups, form a distinct community in Belgium as part of the global Lebanese diaspora. It was estimated in 2006 that there were 8,000 Belgians who identified as Lebanese in terms of origin or descent. More recent estimates put their numbers at only 3,500. The majority are Belgian citizens and live in major cities such as Brussels and Antwerp. In addition, it was reported the same year that 1,200 were living in Lebanon. They sometimes refer to themselves as Belgo-Libanais in French or Belgisch-Libanees in Dutch.

Wire is an encrypted communication and collaboration app created by Wire Swiss. It is available for iOS, Android, Windows, macOS, Linux, and web browsers such as Firefox. Wire offers a collaboration suite featuring messenger, voice calls, video calls, conference calls, file-sharing, and external collaboration – all protected by a secure end-to-end-encryption. Wire offers three solutions built on its security technology: Wire Pro – which offers Wire's collaboration feature for businesses, Wire Enterprise – includes Wire Pro capabilities with added features for large-scale or regulated organizations, and Wire Red – the on-demand crisis collaboration suite. They also offer Wire Personal, which is a secure messaging app for personal use.

<span class="mw-page-title-main">Confide</span>

Confide is an encrypted instant messaging application for most major operating systems. It was first released in 2013, on iOS, and is known for its self-destructing messaging system that deletes messages immediately after reading. The platform offers both free and paid features for individuals and businesses.

<span class="mw-page-title-main">Reception and criticism of WhatsApp security and privacy features</span> Reception and criticism of security and privacy features in the WhatsApp messaging service

This article provides a detailed chronological account of the historical reception and criticism of security and privacy features in the WhatsApp messaging service.

<span class="mw-page-title-main">HMA (VPN)</span> Virtual private network service founded in 2005

HMA is a VPN service founded in 2005 in the United Kingdom. It has been a subsidiary of the Czech cybersecurity company Avast since 2016.

References

  1. "Gun Ownership, Religion And Other Details For Millions Leaked". The Washington Times. The Washington Times, LLC. June 23, 2016. Retrieved 24 June 2016.
  2. "French government considers law that would outlaw strong encryption". The Daily Dot. SlashDot. January 12, 2016. Retrieved 12 January 2016.
  3. "Why Chrysler's car hack 'fix' is staggeringly stupid". ZDnet. CBS Interactive. July 27, 2015. Retrieved 30 November 2015.
  4. "Les banques sont-elles à l'abri des cyberattaques ?". Le Commerce du Levant. Société de press et d’édition libanaise S.A.L. 4 March 2014. Retrieved 3 November 2015.
  5. "Cybersecurity risks loom for Lebanese banks". Daily Star. 20 January 2014. Retrieved 3 November 2015.
  6. "Kazakhstan will force its citizens to install internet backdoors". ZDNet. CBS Interactive. 3 December 2015. Retrieved 3 December 2015.
  7. "CCC | Home".
  8. "Khalil Sehnaoui". IMDb. 3 November 2021. Retrieved 3 November 2021.
  9. "Cyber Security and InfoSec: Top 100 Influencers and Brands". Joe Fields. OnAlytica. 6 April 2016. Retrieved 8 April 2016.
  10. "Game of Thrones can teach you valuable security lessons". Vincenzo Marsden. CSO. 1 August 2016. Retrieved 1 August 2016.
  11. "Hack of NSA-linked Group Is Legitimate, Cybersecurity Firm Says". Patrick Howell O'Neill. The Daily Dot. 16 August 2016. Retrieved 18 August 2016.
  12. "Cisco patches 'ExtraBacon' zero-day exploit leaked by NSA hackers". Patrick Howell O'Neill. The Daily Dot. 17 August 2016. Retrieved 18 August 2016.
  13. "FBI director: 'There is no such thing as absolute privacy in America'". Patrick Howell O'Neill. The Daily Dot. 30 August 2016. Retrieved 1 September 2016.
  14. "Cybersecurity Experts: Trump Profoundly Misunderstands Hacking'". Kevin Collier. Vocativ. 12 December 2016. Retrieved 13 December 2016.
  15. "After Outcry, Trump's Twitter Switches From Gmail To Gov Address". Kevin Collier. Vocativ. 26 January 2017. Retrieved 28 January 2017.
  16. "Enterprise Intelligence Brief: Threat Hunting Takes Center Stage". Natasha Bishop. IBM, Inc. 1 February 2017. Retrieved 1 February 2017.
  17. "These Arab Hackers Want To Make America Safe Again -- Will Trump Let Them?". Thomas Fox-Brewster. Forbes. 7 February 2017. Retrieved 9 February 2017.
  18. "Islamic State Supporters Hit By Android Malware On Telegram". Patrick O'Neill. Cyberscoop. 9 February 2017. Retrieved 15 February 2017.
  19. "Confide, A Favourite App Of Trump's White House, Is 'A Triumph Of Marketing Over Substance'". Patrick O'Neill. Cyberscoop. 15 February 2017. Retrieved 15 February 2017.
  20. "Security lapse exposed New York airport's critical servers for a year". Zack Whittaker. CBS Interactive. 24 February 2017. Retrieved 24 February 2017.
  21. "Rencontres A Mokhtara Entre l'Ordre De Malte Et L'Association Abou Hassan Aref Halaoui". L'Orient Le Jour. Orient-Le-Jour. 17 November 2015. Retrieved 17 November 2015.
  22. "Byblos, Lebanon's Ancient Port, Is Reborn". The New York Times. 31 December 2009. Retrieved 4 December 2015.
  23. "The Power of Privacy – film". Aleks Krotoski. Guardian News and Media Limited. 28 January 2016. Retrieved 18 May 2017.
  24. "Sehnaoui's Tweet". Twitter. 17 May 2017. Retrieved 22 May 2017.
  25. "Coffee Shop Customer Delivers 'Obnoxious' Table Neighbors A Delicious Lesson". Lee Moran. TheHuffingtonPost.com, Inc. 20 May 2017. Retrieved 22 May 2017.
  26. "How one man wreaked ingenious revenge on rude customers in a coffee shop". Adam Boult. Telegraph Media Group Limited. 19 May 2017. Retrieved 22 May 2017.
  27. "Man Gets Revenge On Rude People In Coffee Shop". April Hautea. Mashable, Inc. 20 May 2017. Retrieved 22 May 2017.
  28. "Breakthrough - Cyber Terror". National Geographic. National Geographic Partners, LLC. 9 May 2017. Archived from the original on 2017-05-17. Retrieved 18 May 2017.
  29. "Breakthrough: Season Two Announced for Nat Geo Series". Jessica Pena. TV Series Finale. 14 April 2017. Retrieved 18 May 2017.
  30. "Nat Geo's Next Ep of 'Breakthrough' Proves We Can't Afford to Trust Each Other". Brady Dale. Observer. 5 May 2017. Retrieved 18 May 2017.
  31. "Tribe of Hackers". Marcus J. Carey. Threatcare. 9 February 2019. Retrieved 9 February 2019.
  32. Tribe of Hackers. Independently Published. 9 February 2019. ISBN   978-1793464187.{{cite book}}: |work= ignored (help)
  33. "Silent Circle: We haven't been served a single demand for data". ZDNet. CBS Interactive. 8 March 2015. Retrieved 3 November 2015.
  34. "The power of privacy (2/5): Hacking exposed: the tricks of the trade". The Guardian. Guardian News and Media. 29 September 2015. Retrieved 3 November 2015.
  35. "#TangoDown: The 'Biggest Ever' Web Attack That Wasn't". ZDnet. CBS Interactive. 14 January 2016. Retrieved 15 January 2016.
  36. "18 Million Targeted Voter Records Exposed By Database Error". CSO Online. IDG Enterprise. 4 January 2016. Retrieved 4 January 2016.
  37. "Healthcare -- Between Payment and Patient". Executive Magazine. Newsmedia S.A.L. 1 August 2008. Retrieved 3 November 2015.[ permanent dead link ]
  38. "Researchers: ISIS Has Built A Secure Messaging App". Defense One. National Journal Group, Inc. 16 January 2016. Retrieved 27 January 2016.
  39. "ISIS Creates Its Own Secure Messaging App". NewsWeek. Newsweek LTD. 14 January 2016. Retrieved 27 January 2016.
  40. "ISIS Has Its Own Encrypted Chat App". TechCrunch. AOL, Inc. 16 January 2016. Retrieved 27 January 2016.
  41. "The myth of the ISIS Encrypted Messaging App". The Daily Dot. SlashDot. 27 January 2016. Retrieved 27 January 2016.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.