Actor engagement and physical security intersect when active shooter situations or heightened security threats are targeted against executives or physical locations. Naturally, the topic of hack-back arises, but this takes us down the rabbit trails of the roles synthetic identities play in the cognitive landscape, actor engagement, and experiences found only in the trenches. Blake Butler from Paypal joins us in exploring particular topics that are not discussed enough.
*We cover some of the following items:*
- Using OSINT, and Targeting in Active Shooter or physical security situations.
- Hack back or Long Term Investigations
- Actor engagement is a must for gleaning better intelligence. This isn’t hack back, but to non-technical folks it sounds like hackback. Clarification is needed.
- Cognitive Warfare landscape coupled with Synthetic Identities.
“For me its about being a story teller when presenting to the CISO in the organization… it is a story telling process, you have to have great writing skills… you can be the most technical person in the room but can’t articulate in a calm and concise manner it doesn’t matter. “
“There are a whole bunch of skills that are not being taught, to bring use cases back to business need. At the end of the day, when you are doing a pentest, you aren’t writing rop gadgets on the side, you are going to be looking for a way to leverage trust… it is those subtle relationships that need to be focused on”.
“There have been incidents where adversarial engagement was critical, especially with physical acts of violence, it was critical to save peoples lives, and the tooling ShadowDragon provides allows you to do that”. (Blake Butler)
Blake Butler is one of the premier investigators on fraud, money laundering, OSINT, and offensive security at PayPal. He also spends a great deal of time, creating realistic intel-ctf scenarios at BlackHat and Defcon. Mr. Butler has quietly been apart of many complex investigations and takedowns and practices as a quiet professional within the United States. He has spoken at many of the private who’s who security conferences Cymru, Underground Economy; NCFTA, Microsoft DCC. He has been one of a few practitioners that have been involved in high-risk-live attribution of active shooter situations, bridging both the physical and cyber realm while under pressure.
Other Links for Podcast: