Jeffrey Carr

Jeffrey Carr is a cybersecurity author, researcher, entrepreneur and consultant, who focuses on cyber warfare. [1]

Career

In 2008, Carr founded Project Grey Goose, a crowd-sourced open-source intelligence effort to attribute major cyber attacks. [2] [3] [4] The Project solicited the expertise of vetted volunteers, while seeking to filter out non-experts and cyber criminals. The Project's first area of research was the campaign of cyberattacks during the Russo-Georgian War. [1]

In 2011, Carr created the Suits and Spooks conference series, which offered a private forum for intelligence veterans to meet with technologists, academics, hackers, and business executives. The forum was acquired by Wired Business Media in 2014. [5]

Carr was the founder of the now-defunct cybersecurity firms Taia Global Ltd and GreyLogic. He later wrote about the lessons he gained from their failures. [6] [1] [7]

Carr has lectured on cybersecurity issues at the Defense Intelligence Agency, U.S. Army War College, Air Force Institute of Technology, NATO’s CCDCOE Conference on Cyber Conflict, and DEF CON. [8]

Writing and research

He is the author of Inside Cyber Warfare: Mapping the Cyber Underworld (O'Reilly Media 2009, 2011), which analyzed cyber conflicts from 2002 until 2009. [9] [10] [11] In Cyber Warfare, Carr argued that international cyber attacks are predominantly deployed by non-state actors, who are sometimes encouraged and tolerated by state entities. [1] Alternately, as Carr later told The Christian Science Monitor, it is private IT infrastructure, rather than government policy, that lies at the heart of US vulnerability to international cyber attacks. [12]

Jeffrey Carr has blogged about cyber security and warfare at Intelfusion.net [1] [4] (until September 1, 2010) and Forbes' The Firewall. [13] [14] [15] [16] Carr said he had quit The Firewall in protest, after his post on Yuri Milner's relationship to the Russian FSB was taken down by Forbes at the request of Milner's lawyer. [17]

In March 2017, Carr stated there was growing doubt in the computer security industry regarding the narrative of Russian state sponsorship of hacks associated with the 2016 US elections. Carr stated that, because the FBI relied on forensic investigations by global cybersecurity consultancy CrowdStrike, "everyone else is relying on information they provided." [18] Several notable competitors of CrowdStrike, including Symantec and FireEye, examined the underlying data and endorsed CrowdStrike's conclusions. [19]

Professional publications

Related Research Articles

Computer security: Protection of computer systems from information disclosure, theft or damage

Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Unit 8200: Intelligence unit of the Israel Defense Forces

Unit 8200 is an Israeli Intelligence Corps unit of the Israel Defense Forces responsible for clandestine operation, collecting signal intelligence (SIGINT) and code decryption, counterintelligence, cyberwarfare, military intelligence, and surveillance. Military publications include references to Unit 8200 as the Central Collection Unit of the Intelligence Corps, and it is sometimes referred to as Israeli SIGINT National Unit (ISNU). It is subordinate to Aman, the military intelligence directorate.

Jeff Moss (hacker): American computer security expert

Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences.

McColo: Defunct web hosting provider used for cybercrime

McColo was a US-based web hosting service provider that was, for a long time, the source of the majority of spam-sending activities for the entire world. In late 2008, the company was shut down by two upstream providers, Global Crossing and Hurricane Electric, because a significant amount of malware and botnets had been trafficking from the McColo servers.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Jart Armin: Cybercrime and computer security investigator and analyst

Jart Armin is an investigator, analyst and writer on cybercrime and computer security, and researcher of cybercrime mechanisms and assessment.

Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

Palo Alto Networks: American technology company

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the World Economic Forum.

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

CyberHumint refers to the set of skills used by hackers, within Cyberspace, in order to obtain private information while attacking the human factor, using various psychological deceptions. CyberHumint includes the use of traditional human espionage methodologies, such as agent recruitment, information gathering through deception, traditionally known as Humint, combined with deception technologies known as Social engineering.

Bureau 121 is a North Korean cyberwarfare agency, and the main unit of the Reconnaissance General Bureau (RGB) of North Korea's military. It conducts offensive cyber operations, including espionage and cyber-enabled finance crime. According to American authorities, the RGB manages clandestine operations and has six bureaus.

Cozy Bear, classified by the United States federal government as advanced persistent threat APT29, is a Russian hacker group believed to be associated with one or more intelligence agencies of Russia. The Dutch General Intelligence and Security Service (AIVD) deduced from security camera footage that it is led by the Russian Foreign Intelligence Service (SVR), a view shared by the United States. Cybersecurity firm CrowdStrike also previously suggested that it may be associated with either the Russian Federal Security Service (FSB) or SVR. The group has been given various nicknames by other cybersecurity firms, including CozyCar, CozyDuke, Dark Halo, The Dukes, Midnight Blizzard, NOBELIUM, Office Monkeys, StellarParticle, UNC2452, and YTTRIUM.

CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides cloud workload and endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of several high-profile cyberattacks, including the 2014 Sony Pictures hack, the 2015–16 cyber attacks on the Democratic National Committee (DNC), and the 2016 email leak involving the DNC.

Democratic National Committee cyber attacks: 2015-16 data breaches by Russian hackers as part of US election interference

The Democratic National Committee cyber attacks took place in 2015 and 2016, in which two groups of Russian computer hackers infiltrated the Democratic National Committee (DNC) computer network, leading to a data breach. Cybersecurity experts, as well as the U.S. government, determined that the cyberespionage was the work of Russian intelligence agencies.

Shlomo Kramer is an Israeli information technology entrepreneur and investor. He is the co-founder of cyber-security companies Check Point and Imperva, as well as Cato Networks, a cloud-based network security provider.

In cybersecurity, cyber self-defense refers to self-defense against cyberattack. While it generally emphasizes active cybersecurity measures by computer users themselves, cyber self-defense is sometimes used to refer to the self-defense of organizations as a whole, such as corporate entities or entire nations. Surveillance self-defense is a variant of cyber self-defense and largely overlaps with it. Active and passive cybersecurity measures provide defenders with higher levels of cybersecurity, intrusion detection, incident handling and remediation capabilities. Various sectors and organizations are legally obligated to adhere to cyber security standards.

Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting machines and equipment, election office networks and practices, and voter registration databases.

2022 Ukraine cyberattacks: Attack on Ukrainian government and websites

During the prelude to the 2022 Russian invasion of Ukraine and during the invasion itself, multiple cyberattacks against Ukraine were recorded, as well as some attacks on Russia. The first major cyberattack took place on 14 January 2022, and took down more than a dozen of Ukraine's government websites. According to Ukrainian officials, around 70 government websites, including the Ministry of Foreign Affairs, the Cabinet of Ministers, and the National and Defense Council (NSDC), were attacked. Most of the sites were restored within hours of the attack. On 15 February, another cyberattack took down multiple government and bank services.

Cyclops Blink is malware that targets routers and firewall devices from WatchGuard and ASUS and adds them to a botnet for command and control (C&C).

Hacken, stylized as HACKEN, is an international cybersecurity company with Ukrainian roots that has combated Russia in cyberwar during the Russian invasion of Ukraine. The headquarters is located in Tallinn, Estonia, while the team was moved from Kyiv to Lisbon in March 2022.

References

  1. Springer, Paul J. (2015-02-24). Cyber Warfare: A Reference Handbook. ABC-CLIO. pp. 150–151. ISBN 9781610694445.
  2. Carr, Jeff. "Announcing Project Grey Goose - Operation Poachers". Jeff Carr Blog. Blogspot.com. Retrieved 4 March 2017.
  3. Sterling, Bruce (2009-08-03). "The Project Grey Goose cyberwar report". Wired. Retrieved 4 March 2017.
  4. Flook, Kara (May 13, 2009). "Russia and the Cyber Threat". Critical Threats. Retrieved 3 March 2017.
  5. "SecurityWeek Acquires Suits and Spooks Security Events | SecurityWeek.Com". www.securityweek.com. Retrieved 2017-03-04.
  6. "Crushing Force as a Change Agent". 2016-09-22.
  7. Greenberg, Andy (2010-03-03). "The Real Meaning Of Cyberwarfare". Forbes. Retrieved 2017-03-04.
  8. "Jeffrey Carr". O'Reilly Media. Retrieved 3 November 2016.
  9. Library of Congress. "Inside cyber warfare". Library of Congress. Archived from the original on 12 December 2012. Retrieved 8 April 2012.
  10. Marks, Larry (4 July 2013). "Inside Cyber Warfare, Mapping the Cyber Underworld, by Carr, Jeffrey". Information Security Journal: A Global Perspective. 22 (4): 201–202. doi:10.1080/19393555.2013.828804. ISSN 1939-3555. S2CID 44346810.
  11. Carr, Jeffrey (1 January 2009). Inside Cyber Warfare: Mapping the Cyber Underworld. O'Reilly Media, Inc. ISBN 9780596802158.
  12. Armerding, Taylor. "Will a cyber crisis add to chaos of Trump's first 100 days?". CSO Online. Retrieved 2017-03-04.
  13. "Jeffrey Carr - Digital Dao". Forbes. Retrieved 2023-04-12.
  14. Shackelford, Scott J. (2014-07-10). Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace. Cambridge University Press. pp. xxiv. ISBN 9781107354777.
  15. Reveron, Derek S. (2012-09-11). Cyberspace and National Security: Threats, Opportunities, and Power in a Virtual World. Georgetown University Press. pp. 186, 187. ISBN 978-1589019188.
  16. Fallows, James. "If You Were Going to Read Only One Thing About Cyber-Security..." The Atlantic. Retrieved 2017-03-04.
  17. "Interview With Cybersecurity Expert And Suits & Spooks Founder Jeffrey Carr". Publicyte | Microsoft Technet. Retrieved 2017-03-03.
  18. "Were the hackers who broke into the DNC's email really Russian". Miami Herald. March 24, 2017.
  19. Kevin Poulsen, "How the U.S. Hobbled Its Hacking Case Against Russia and Enabled Truthers", The Daily Beast, January 6, 2017.