Chris Kubecka

Chris Kubecka
Chris Kubecka
Other names	@SecEvangelism
Occupation(s)	Author, security researcher, speaker, adviser
Employer(s)	HypaSec NL, Aramco, Unisys, USAF
Known for	Re-establishing Saudi Aramco international business networks and establishing security after a cyberwarfare attack

Chris Kubecka is an American computer security researcher and

July 2009 cyberattacks against South Korea.^[1] Kubecka has worked for the US Air Force as a Loadmaster, the United States Space Command

and is now CEO of HypaSec, a security firm she founded in 2015. She lives and works in the Netherlands.

Early life

Kubecka's Puerto Rican mother became a

US Air Force.^[2]^[3]^[4]

Saudi Aramco security work

In 2012,

hard disk drives (off a production line).^[9]

Prince Mohammed bin Nawwaf bin Abdulaziz, Sumaya Alyusuf and from the Royal Saudi Arabian Embassy of The Hague. During the second phase of the attack, the insider sent an extortion demand of 25,000 USD each from several Middle Eastern and Turkish Embassies. The third phase of the attack was caused by the Diplomatic Corps sending a warning notification to all The Hague embassies via email using CC not BCC, exposing the other official embassy email accounts to the attacker. During the fourth phase of the attack, the insider taunted the Diplomatic Corps, The Hague embassies and hacked into the Secretary to the Ambassador of Saudi Arabia personal Gmail account. The attacker rose the extortion demand to $35,000,000, then to $50,000,000 saying ISIS would destroy the Kurhaus of Scheveningen during the planned National Saudi Day celebrations to which over 400 dignitaries had been invited.^{[citation needed}

]

After the Shamoon attack and Dutch Embassy hacks, the Kingdom of Saudi Arabia and Saudi Aramco made security a top priority. Stanford University signed an MoU (memorandum of understanding) with one of the security colleges of Saudi Arabia in 2018.^[12]^[13]^[14]

Career

Kubecka was at Saudi Aramco until the mid-2015 and then founded HypaSec.

Supervisory Control and Data Acquisition (ICS SCADA), IT and IOT security topics.^[2]^[19] Kubecka was the keynote speaker at Security BSides security conference in London in 2017^[20]^[21] and a featured speaker at OWASP's Global AppSec Amsterdam 2019.^[22]

Works

Down the Rabbit Hole An OSINT Journey: Open Source Intelligence Gathering for Penetration Testing (2017)
ISBN 978-0-9956875-4-7

Hack the World with OSINT. Learn how to discover and exploit IT, IOT and ICS SCADA systems with ease (2019)
ISBN 978-0-9956875-9-2

References

^ "PSU@Shamoon". sites.psu.edu. Archived from the original on 2019-07-22. Retrieved 2019-09-07.
^ ^a ^b "APPSEC Cali 2018 - Women In Security Panel". March 19, 2018 – via Internet Archive.
^ "Paul's Security Weekly #498 - Chris Kubecka" – via www.youtube.com.
^ "How A 10-Year-Old War Dialer Became A Top Cybersecurity Expert". July 11, 2019.
^ Jose Pagliery (2015-08-05). "The inside story of the biggest hack in history". Retrieved 2012-08-19.
^ "Black Hat USA 2015 Highlights". The State of Security. August 11, 2015.
^ "Black Hat 2015: Rebuilding IT security after a cyber disaster". searchsecurity.techtarget.com. 10 February 2016. Retrieved 2019-09-07.
^ "Shamoon – Darknet Diaries". darknetdiaries.com. Archived from the original on 2019-01-27.
^ Pagliery, Jose (August 5, 2015). "The inside story of the biggest hack in history". CNNMoney.
^ "Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security". CyberScoop. August 8, 2019.
^ J.M. Porup (7 August 2019). "Inside the 2014 hack of a Saudi embassy". CSO Online. Retrieved 2019-09-07.
^ "Prince Mohammed bin Salman College of Cybersecurity and Stanford University Sign MoU The official Saudi Press Agency". spa.gov.sa. Retrieved 2019-09-07.
^ Yang, Daniel; Knowles, Hannah (April 25, 2019). "Despite political tensions, Stanford's Saudi partnerships continue with little scrutiny".
^ "Prince Muhammed Bin Salman College signs key pact with Stanford University". Saudi Gazette. 23 June 2018. Retrieved 2019-09-07.
^ "Ladies in Cyber Security by DefCamp". ladies.def.camp.
^ "SANS Institute: Summit Archives". sans.org. Archived from the original on 2019-09-26. Retrieved 2019-09-07.
^ "NATO explores the rules of cyber spying". Sky News. Retrieved 2019-09-25.
^ 28C3: Security Log Visualization with a Correlation Engine (en), retrieved 2019-09-25
^ "28c3: Security Log Visualization with a Correlation Engine". YouTube. December 29, 2011. Retrieved 2017-11-04.
^ "Cybersecurity pros: We'd help the government, but can't". Sky News.
^ "Naming Russia as a perpetrator offers cybersecurity its #MeToo moment". Sky News. Retrieved 2019-09-25.
^ "I've got a working title: The woman who squashed terrorists: When an Embassy gets hacked". Global AppSec. Retrieved 2019-09-27.

External links

[PSU_EDU-1] "PSU@Shamoon". sites.psu.edu. Archived from the original on 2019-07-22. Retrieved 2019-09-07.

[APPSEC-2] "APPSEC Cali 2018 - Women In Security Panel". March 19, 2018 – via Internet Archive.

[Interview_with_Paul-3] "Paul's Security Weekly #498 - Chris Kubecka" – via www.youtube.com.

[Ventures-4] "How A 10-Year-Old War Dialer Became A Top Cybersecurity Expert". July 11, 2019.

[Pagliery2015-5] Jose Pagliery (2015-08-05). "The inside story of the biggest hack in history". Retrieved 2012-08-19.

[TripWire-6] "Black Hat USA 2015 Highlights". The State of Security. August 11, 2015.

[Tech_Target-7] "Black Hat 2015: Rebuilding IT security after a cyber disaster". searchsecurity.techtarget.com. 10 February 2016. Retrieved 2019-09-07.

[Darknet_Diaries-8] "Shamoon – Darknet Diaries". darknetdiaries.com. Archived from the original on 2019-01-27.

[9] Pagliery, Jose (August 5, 2015). "The inside story of the biggest hack in history". CNNMoney.

[10] "Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security". CyberScoop. August 8, 2019.

[csoonline-11] J.M. Porup (7 August 2019). "Inside the 2014 hack of a Saudi embassy". CSO Online. Retrieved 2019-09-07.

[spa-12] "Prince Mohammed bin Salman College of Cybersecurity and Stanford University Sign MoU The official Saudi Press Agency". spa.gov.sa. Retrieved 2019-09-07.

[13] Yang, Daniel; Knowles, Hannah (April 25, 2019). "Despite political tensions, Stanford's Saudi partnerships continue with little scrutiny".

[saudigazette-14] "Prince Muhammed Bin Salman College signs key pact with Stanford University". Saudi Gazette. 23 June 2018. Retrieved 2019-09-07.

[Ladies_Def_Camp-15] "Ladies in Cyber Security by DefCamp". ladies.def.camp.

[sans-16] "SANS Institute: Summit Archives". sans.org. Archived from the original on 2019-09-26. Retrieved 2019-09-07.

[auto-17] "NATO explores the rules of cyber spying". Sky News. Retrieved 2019-09-25.

[18] 28C3: Security Log Visualization with a Correlation Engine (en), retrieved 2019-09-25

[Log_Visualization-19] "28c3: Security Log Visualization with a Correlation Engine". YouTube. December 29, 2011. Retrieved 2017-11-04.

[20] "Cybersecurity pros: We'd help the government, but can't". Sky News.

[21] "Naming Russia as a perpetrator offers cybersecurity its #MeToo moment". Sky News. Retrieved 2019-09-25.

[22] "I've got a working title: The woman who squashed terrorists: When an Embassy gets hacked". Global AppSec. Retrieved 2019-09-27.

[1]

[2]

[3]

[4]

[9]

[12]

[13]

[14]

[19]

[20]

[21]

[22]