PureVPN had a chance to talk to Jack Rhysider who is quite an exquisite personality in the cybersecurity world. He started his career working at a Security Operations Center where he was directly involved in anticipating and mitigating cyberattacks. Over the course of time, Jack knew the real dangers of the internet and how vulnerable users are right now.
Jack started a security awareness podcast back in 2017 called Darknet Diaries and has been sharing regular cybersecurity news that are really jaw-dropping. He exposes all the dark secrets of the bad side of the internet and helps naive internet users make smart decisions online.
Besides podcasting on Darknet Diaries, Jack regularly shares blogs on TunnelsUp related to troubleshooting guides and information security. He has also previously appeared in several cybersecurity podcasts and online magazines. We asked a few questions to Jack related to cybersecurity on his day off and here is the full interview:
Question #1: Hi Jack, we would first like to ask you why you started a career in cybersecurity. Is it something you always wanted to do?
Jack: Hi! I didn’t originally set out to be in security. I got a degree in computer science but didn’t feel confident in any one thing to apply for jobs doing that. I eventually got my CCNA certification which got me a job in a NOC [Network Operations Center], monitoring networks. I started to make networking my thing and then a security engineer position opened up and I jumped on it, not even knowing any commands on a firewall. From there I realized security was a perfect fit for me. Since it tapped into all my previous knowledge of IT and brought it all together for me. I have now been in security for 12 years.
Question #2: What are some of the most common cybersecurity concerns right now? Do you think we can find a way to actually stop phishing or malware attacks?
Jack: Yeah, phishing is still a really big concern. It seems easy enough to either send out a lot of emails and hope some people click or send out very custom targeted emails and hope for a click. Both have a level of success that’s frightening. Networks are becoming more compartmentalized which I think will help with this. We used to have just a flat network where any computer could talk to each other. But now companies separate this with a firewall or access rules, and we are moving more towards a zero trust network approach where nothing should be able to talk to each other unless authenticated and authorized.
Question #3: We heard the podcast Dark Basin and it sounds like a horror story. Where exactly did you get the idea of starting a podcast on your own and helping the online community?
Jack: Well, I’m just a really big fan of podcasts myself and wanted a show like this to exist. I couldn’t find it to suit my needs exactly so I just gave up waiting and read a book on how to tell stories and started the show on my own. It’s funny you ask about helping though because I do have a mission to help others and educate people. And that feels very satisfying when people appreciate what I make.
Question #4: In your opinion, should European countries create an internet firewall like in North Korea or China rather than continuing the Five Eyes Alliance? Don’t you think it is safer considering European countries are on the verge of bigger ransomware attacks?
Jack: No, I’m a strong believer in an open internet. The more we can share ideas and knowledge, the better off we are.
Question #5: As a cybersecurity veteran, how easy it is to hack government databases and major information centers? Do you think the system is fragile and can be poked by hackers easily?
Jack: I don’t think it’s so easy. If you look back, in 1997 there was Operation Eligible Receiver, which was basically a penetration test that the NSA did on the US Government. It proved how many shortcomings the .mil and .gov domains have. And since then, the NSA has continued to test the security of the US Government. They take securing the network very seriously. But when you have the resources of another nation state, it’s really hard to plug every hole. I mean, it’s not unheard of to pay someone $20,000 or more for information.
Question #6: Considering the massive number of ransomware and malware attacks in 2020, do you really believe that some attacks are state-run? Like Russia triggering a malware attack on companies in the United States or the United Kingdom? Does this statement stand true?
Jack: Well historically ransomware has been for monetary gain. It’s a way to generate some extra bitcoin. And nation states don’t do cyber attacks for money. However, North Korea seems to be the only nation conducting cyber attacks for money. WannaCry, for instance, was a North Korean launched ransomware that had a mission of generating bitcoin. But then you have malware that looks like ransomware, but that’s just to throw you off, it’s really a destructive wiper with no way to get your data back. For instance NotPetya was at first thought to be ransomware but we eventually learned it was Russia who wanted to attack Ukraine and just cause destruction.
Question #7: We know nothing is hidden on the internet. What do you have to say about security and privacy on Twitter or Facebook? Are such social media apps really secure when you use a security protocol?
Jack: Yeah I think they are secure, for the most part. If not, you’d see people taking over the president’s accounts all the time, and to my knowledge, Trump’s Twitter has only been hacked 3 times due to weak passwords. However, there are ways to bypass the security. Phishing the user, guessing their password, or stealing their phone are all pretty easy ways to get into someone’s account.
But I still don’t trust that social media sites have my best interest in mind. They are building a giant profile on my behavior and likes and then selling that to advertisers. Even if you’re not a member of the site you still get tracking pixels on your computer and such. I don’t trust that social media is keeping my data private.
Question #8: Have you personally used the dark web? Is it really that dangerous like the people used to read on the internet?
Jack: Yeah I go there [the dark web] all the time. If you don’t know what you’re doing, you could end up in the wrong end of town. But if you know how to move around it’s not too bad.
Question #9: Which type of security do you use on your mobile phones and computers? Do you think a VPN app is best for privacy during this time when a hacker can easily penetrate your device?
Jack: VPNs are good tools to use to help stay more private and secure. I recommend them.
Question #10: What do you think companies should work on the most when it comes to device security? What do you suggest? Which areas are the most vulnerable?
Jack: I think self awareness is lacking sometimes. I see companies stand up servers and build out applications, without doing any security testing on it or having someone secure the system. Even if using cloud services to build your thing it’s important to get checked before you get wrecked.
Thank you so much for the interview, Jack. As for our readers, you can also follow Jack on his Twitter account @JackRhysider where he regularly shares his opinions. Keep following our blog for the latest cybersecurity updates and developments. That’s all for today, until next time!
PureVPN
January 2, 2023
1 year ago
