Discussing Ransomware and Cyber Defense Tools with Rob Fuller


Rob Fuller has been helping the United States Marine Corps, the Pentagon, and the Senate for 14 years now. He has worked with many cyber defense teams and Fortune 50 companies. 

Besides winning accolades, Rob speaks about the latest developments in cybersecurity at many conferences, such as Area 41, HackCon, DefCon, ShmooCon, CarolinaCon, and RVASec. He is a former United States Marine, a proud father and husband, currently working as a CTO and Red Team Captain of the Mid-Atlantic Collegiate Cyber Defense Competition (CCDC). 

Rob was a technical advisor for Silicon Valley and enjoys hosting his own show called “Metasploit Minute” for Hak5. The PureVPN team had a chance to discuss a few important details on cybersecurity with him.

Question #1: Hi Rob, you seem like an interesting person to talk to about the CyberSec world. What does it feel like working for the Marine Corps and the US Senate? What were the biggest challenges that you have faced over the years?

Rob: The Marine Corps was one of the best experiences of my life. I learned and grew not only technically, but emotionally and maturity-wise in a very short period of time. The Senate was completely different. There was a lot less structure and a lot more political navigation that needed to happen to get things done. Again, I think it was still a good experience that I learned from. The biggest challenge I’ve ever faced, however, was more related to self-awareness than anything specifically job related. It took a complete meltdown after the death of my brother to help me focus on what is important and what isn’t. That kind of trauma really helps you to let go of the drama and infighting that many people get hung up over, both publicly on Twitter/social media, as well as professionally at the workplace. I wouldn’t recommend that path though. I’d much rather be immature and still have my brother around.

Question #2: You know there were so many ransomware and malware attacks in 2020. How do you think we should combat these emerging threats at a company level? 

Rob: Ransomware and malware aren’t really “emerging” threats. They were just called viruses, worms, and trojans before they were called malware. The same things helped back then as they do now. Worms and ransomware can’t spread if you have good network and privilege segmentation. Viruses, trojans, and other malware can’t do much if you have good network and privilege segmentation. Starting to see a trend? However, network and privilege segmentation is hard. It’s the interconnectedness of networks and software that helps companies be more efficient, so it takes elegant and custom solutions per company to create that synergy between business function and security.

Question #3: Silicon Valley is an awesome show, btw. How was your experience as a technical advisor? What other tech shows do you recommend besides Silicon Valley?

Rob: My experience on the show was fantastic. Getting to see the way TV shows are created and written from start to finish will be an experience that I will remember forever. I’m not sure there are any other shows currently on air that are similar to Silicon Valley. It had a quite unique story line to my knowledge. As for recommendations, I’m not sure there are any other shows with the same strict adherence to being technically correct as Silicon Valley was either. Sorry…

Question #4: What do you generally cover in your security conferences? Any crucial topic that raises more eyebrows? 

Rob: Honestly, I think it’s pretty random the topics that I cover. They usually are pentest and Windows-centric but are generally all over the scope that entails. I’ve talked about everything from ethics and metrics to reverse engineering encryption.

Question #5: Are you still attending virtual conferences at home? And more importantly, what cyber defense tools are you using while working remotely? 

Rob: I haven’t been attending conferences virtually. I tried in 2020, but it’s hard to keep focus when the speaker isn’t engaging (which is no fault of their own. They are staring at a camera. It takes years of practice to be engaging to an audience you can’t see). As for cyber defense tools, I’ve recently been trying out VECTR, Hive, Graylog, and some Sysmon and WEF configurations.

Question #6: How difficult is it to take a team from Hammer to Adversarial Friendship stage? Any particular roadblocks that you experienced in most companies? (For our readers, Rob divides security teams into four phases when he works with companies that range from Adversarial, Hammer, Friendship, to Adversarial Friendship.)

Rob: I wouldn’t say it’s difficult, it just takes time and empathy. One big ego blast can reset relationships back to hammer in an instant, so it just takes time and communication. Most of the roadblocks that happen are usually due to bad past experiences. Working past those experiences, whether they be from a recent, or past experience, it has to be acknowledged and negotiated past.

Question #7: You must have heard about SolarWinds and Garmin. Do you think the blame falls on the company’s vulnerabilities or was it a high-level attack by a rival country? 

Rob: I don’t have any inside knowledge so this is just speculation, but I would suspect it was a foreign APT actor like was reported in the news. As for the blame, I think no matter the sophistication of the threat actor, you can still blame the company a bit. There is always more you can do to prevent breaches like this.

Question #8: What are your predictions for 2021 and do you think we will experience more ransomware attacks? 

Rob: Ransomware works, and until we as an industry can find and implement a solution to it, it’s going to continue to be used. Do I know what the solution will be? No, but I absolutely believe there is one. Everyone thought buffer overflows would last forever, until someone brought along ASLR, DEP, and other protections that make standard buffer overflows practically impossible on modern operating systems.

Question #9: What software or tools do you use on your computer to prevent cyberattacks? What do you have to say about using a VPN?

Rob: The same as I talked about earlier. I do network and privilege segmentation through a number of software tools, mostly host-based firewalls, hardware firewalls, and multi-tiered authentication. As for VPNs, you should only use a VPN that you set up. Unless you are in a situation where freedom of speech is your main concern and then using multi-country paid VPNs or Tor is your better option.

Question #10: If you have a chance to put something on a billboard, what would you say? (We love your Twitter memes by the way!) 

Rob: It would say “Be Kind, Rewind. But mostly that first one.”

Thank you so much, Rob, for the interview. We are sure our readers must have enjoyed this edition of our cybersecurity expert interview series. As for our readers, you can follow Rob Fuller on Twitter at @mubix, where he often shares his thoughts.

Author: PureVPN

Date: January 2, 2023
