The Umbrella Security Labs research team is searching for smart, passionate Internet security experts to join our community. Why join the community? In the most recent Umbrella Security Labs webcast we exposed how our research team is using advanced Big Data mining tactics to classify and categorize websites. The Labs community members are on the front lines of predictive threat research, as they’re able to submit malicious and potentially malicious domains for community review and discussion. The community is made up of security researchers, IT technicians, and software engineers from all around the globe with strong dedication for keeping the Internet safe and secure. For more information about how the whole process works, click here.
To underline how valuable Umbrella Labs Security community members are, I want to introduce you to one of the community’s top contributors. Meet Conrad, an IT security analyst and part-time technical writer.
OpenDNS: How did you get started in Internet security?
Conrad: I started in the 1980s when messing around with other people’s computer systems was regarded as an intellectual challenge and, certainly as a student, I made a real pest of myself on University mainframes. I got into quite a lot of trouble all the same, but I learned a lot about both sides of the security field. A lot of the techniques used back in the 1980s still work today, especially social engineering and fake login pages. The movie “WarGames” was hugely influential on many people from my generation, plus the BBC Thriller “Bird of Prey.”
OpenDNS: Have you ever been a victim of a scam or malware?
Conrad: Apart from the occasional bad seller on eBay, scammers seem to have missed me. It depends what you regard as a scam though. In over twenty years of dealing with malware professionally, I’ve only been infected once and it ended up being a slip of the mouse when I was sending a sample to our vendor for analysis. I’ve certainly had to clean up lots of other people’s machines, though!
OpenDNS: What’s the most convincing scam you’ve ever seen, malware or otherwise?
Conrad: I recently came across an interesting case where an organization in the U.S. was running fake seminars in the education sector. They reeled in millions of dollars and left hundreds of unhappy people behind – but at least they eventually stopped when I identified who was running it and published the whole sordid story.
OpenDNS: Besides OpenDNS what are you favorite tools of your trade to use?
Conrad: There are so many good tools out there, but I think one basic one that security researchers really need is a subscription to DomainTools. On top of that there are binary analysis tools such as VirusTotal, Anubis, Comodo’s CAMAS and ThreatExpert. For online analysis Wepawet, Jsunpack and URLquery are all very useful. WGET and SamSpade for Windows are useful tools for poking around at web resources safely. It is useful to know some sort of scripting or programming language so that you can take data from one tool and analyse it in another. It’s also pretty essential to keep up with assorted security blogs to have an idea of what is actually happening right now. And basic things such as poking around your spam folders and internet access logs are essential things for anyone working for a large organisation.
OpenDNS: What do you most enjoy about being a moderator ?
Conrad: Being a moderator makes it possible to get active and emerging threats blocked very quickly. A lot of malware domains are active for 24 hours or less, so it is quite satisfying to be able to block them in time to do some good.
If you’re interested in joining Conrad and the Umbrella Labs Security Community, just apply online and let us know why you’d make a great contributor to the community.