
Unique Experience: I am Brandon from Toronto and I got to drum with The Killers AMA!

Jan 7th 2018 by BrandonMohan • 27 Questions • 180 Points

I am an infosec professional and "red teamer" who together with a crack team of specialists are hired to break into offices and company networks using any legal means possible and steal corporate secrets. We perform the worst case scenarios for companies using combinations of low-tech and high-tech attacks in order to see how the target company responds and how well their security is doing.

That means physically breaking into buildings, performing phishing against CEO and other C-level staff, breaking into offices, planting networked rogue devices, getting into databases, ATMs and other interesting places depending on what is agreed upon with the customer. So far we have had a 100% success rate and with the work we are doing are able to help companies in improving their security by giving advice and recommendations. That also includes raising awareness on a personal level photographing people in public places exposing their access cards.

AMA relating to real penetration testing and on how to get started. Here is already some basic advice in list and podcast form for anyone looking to get into infosec and ethical hacking for a living: https://safeandsavvy.f-secure.com/2017/12/22/so-you-want-to-be-an-ethical-hacker-21-ways/

Proof is here

Thanks for reading

EDIT: Past 6 PM here in Copenhagen and time to go home. Thank you all for your questions so far, I had a blast answering them! I'll see if I can answer some more questions later tonight if possible.

EDIT2: Signing off now. Thanks again and stay safe out there!

Q:

The best part of the video for me is when the singer is playing the crowd and you start slowly building a drum roll. Is that something they do regularly, or was that improvised?

A:

How effective are the interventions, and in your opinion does the presence of cameras and being shown on TV seem to help, hinder, or have no effect on the addict's willingness to work on breaking their addiction?


Q:

In percentages, how much of your work is hacking in the old sense, like reverse engineering, digital tampering and usurping some kind of computer or other electronic gadget? How much is social engineering, role playing and in general would not need a keyboard?

A:

The build up is something they have been doing since the Day and Age tour, it's just something I practiced while learning their live rendition.


Q:

80-90% of people involved in interventions go to rehab the day of, so pretty successful. It depends on how strong the family is in order for the addict to stay in treatment and stay sober after treatment.

A:

Information gathering, pretexting and recon usually (there are exceptions) takes up 3/4 of the time spent on a job. Actual time on the customer network itself is usually only a few days compared to the many weeks of preparing phishing and social engineering scenarios because we will already know where the systems are we have to access and already have gathered so many credentials to be able to access them. Most time spent after that is actually finding the target data we are after versus what user accounts and roles give access to what. Good question.


Q:

Where did you go after you went off-stage? Was there any follow-up from the band afterwards?

KICKASS JOB!

A:

Hello Ken. Just wanted to let you know how much you've inspired me to follow the career path I am currently on. I will soon be obtaining my LADC and my LPCC and largely have the show Intervention to thank for raising my interest.

My question for you is about the families of those undergoing the intervention. How do you/the production team work with families to provide a basic education about addiction? There have been many episodes where the family is so codependent and/or uninformed about addiction, and I'm wondering how the family education plays into your role on the show. Thanks for everything you do!


Q:

Have you ever gotten in trouble with the law? I mean as in, the police got involved before you could pull out whatever papers allowed you to break in etc?

A:

I went to the back of General Admission to enjoy the rest of the show. Ted Sablay (the touring guitarist) messaged me afterwards saying "Way to go tonight!"


Q:

That’s part of the pre-intervention. We spend anywhere from 4-8 hours with the family helping them see that co-dependency kills more addicts than the addiction itself.

A:

Companies and organisations usually rely on their own security services and departments first before escalating to the police, which is part of the process we are testing. Although we usually have a "get out of jail"-letter in the back of our pockets stating why we are there if things do escalate; we never had to deal with the law or the police and we intend to keep it that way =)


Q:

How nervous were you playing drums for so many people? Or was it just like working through the motions to the music?

A:

Is “sober January” where people who don’t necessarily have alcohol issues take off drinking for one month, a good idea?


Q:

Can you hack me and pm me my runescape password?

A:

I wasn't nervous while I was on the stage. Once I sat on that kit and had all those wonderful people cheering my name I felt comfortable. Surprisingly, I only felt nervous before I held up the sign.


Q:

I think if there’s a question that you need to take off a month, there may be an issue with alcoholism. Most normies don’t take a month off from drinking, or even come into their awareness to take off a month of drinking.

A:

hunter2


Q:

Buddy... I want to believe, so very badly, that this wasn't something pre-planned, as I just lived my dream vicariously through your video. How in the hell did you not cry little fanboy tears of joy at pulling that off??

A:

Do you ever find that the addict isn't as "bad" as the request is depicted? How do you choose who to intervene?


Q:

What is some of the craziest shit you've done while breaking into buildings?

A:

Well I can confirm that it wasn't pre planned and I felt like crying afterwards. Rocking out with The Killers distracted me from crying on stage haha.


Q:

Anyone that is asked to come in and intervene on someone, it’s that bad. If there’s a question at all, it’s that bad. It’s difficult to select who to intervene, because so many people need this help.

A:

There are a lot of examples that come to mind. If I had to pick a few: breaking into an ATM in the middle of a mall while hundreds of people pass you doing their shopping (and not caring because you are wearing the ultimate cyber weapon: a fluorescent vest). Walking through the basements of a dark data center of a financial institution after business hours and almost getting locked in. Replaying an employee's fingerprints on fingerprint access control readers using toilet paper. I'm sure there is more stuff that I am forgetting but those are the first things that come to mind.


Q:

Well man... Good for you, then! It's super cool, and you totally killed it. I was impressed at how well you all melded...You nailed all the cues. Did they invite you backstage or anything after the show?

A:

Throughout your years what have you come to realize is the hardest part of this job? Are there any specific moments or people that always stick with you?


Q:

Can you elaborate on this toilet paper operation?

A:

Thank you so much! And no, right after the show I had to go home and pack my case. I had to leave really early for the Montreal show.


Q:

The hardest part of my job is helping families understand that they have a problem. If they change their behavior they can get a different result from their loved one. Most families believe it’s the addict that has the problem, and don’t want to look inside.

I have many moments and people that stick with me. The ones that stick with me the most are the successful ones that have years of recovery like someone who I intervened just celebrated 11 years sobriety.

A:

If you are using an optical fingerprint reader i.e. a piece of glass serving as the touch surface, then a latent print might be left on the reader. If the reader is wrongly calibrated and/or misconfigured then a piece of damp toilet paper on top of it can replay the latent fingerprint.


Q:

Man way to step up and own that song. If you could step in for one other band/song what would it be??

A:

It seems to me, from watching the show in the past and other anecdotal information, that opioid addicts often relapse within hours of leaving rehab. It's almost as if they never even tried/committed. Are these addicts more resistant to the idea of getting sober than other addicts?


Q:

Have you ever seen the show White Collar? If so, what are your thoughts on any of the cons on that show? Your story had me thinking of the ep where Neal/the FBI break into a bank to demonstrate weak points in its security.

A:

I would love to tackle Green Day's "Jesus of Suburbia"


Q:

No, I think that it’s just that it’s really hard to get sober and they’re living in a bubble in treatment. Without follow up and accountability and someone helping them and supporting them it’s almost impossible to stay sober. That’s why it’s so hard to stay sober. Thankfully there’s more support now to help people stay sober with after care.

A:

I have not, will check it out thanks.


Q:

Can you post the selfies? Really want to see those.

A:

Are the interventionists chosen by producers to be the best match for the patient, or is it more based on logistics?


Q:

So a white hat hacker? Also what's the easiest way you've broken in?


Q:

Each one is picked by the producers after getting to know the family and getting information about the addict.

EDIT: It’s like picking the treatment center, knowing the family and the addict, which treatment center and interventionist would be best for that family system.

A:

Knocking on the window of the kitchen at the back of a large office building where the target office was located holding a box that was empty.


Q:

So are they human or dancer? Still not sure about this...

A:

What helped you most in your recovery?


Q:

What was the size of your red team when you started? Do you have a team that competes in CTF events?

A:

Ronnie is for sure a Dancer haha


Q:

For me it’s knowing that recovery is a process, and even though I have over 28 years sober, I still have to work a program and do things myself. There is no destination, recovery is a process.

A:

A red team assigned to a job usually consists of 3 to 4 people depending on the skill sets that are required with 2 people being on the job on a constant basis over a period of a few months in order to ensure realistic results and responses from the target company. We sometimes compete in CTF events if we have time.


Q:

It seemed like Ronnie was talking to you while you were playing. What did he say?

A:

What is different about the new season and what can we expect?


Q:

What does your hacking kit look like? Could you list some (or even your favorite) tools you're using in your daily job/life?

A:

The few times I glanced over he was cheering me on "Yeah! Yeah! Yeah!"


Q:

The new season is really exciting. We’re going into a community and showing people that there is a solution in communities. We’re helping communities along with law enforcement, elected officials, and people that lost loved ones and working as a treatment team.

A:

Here is a selection that we usually bring on the job and after carefully planning our attack plan using at least two to three attack waves spread out over a couple of weeks or months:

  • USB Armory, to have a self-contained system with everything you need
  • Multi-band WiFi dongles with Atheros chipset suited for frame injection
  • Proxmark EV2 or custom RFID/NFC copiers for access-card stealing or cloning
  • Magspoof for access-card stealing or cloning
  • Weaponized PocketCHIP / Raspberry Pi / Beaglebone with LCD display for WiFi hacking using a rogue access point. But also for running tools on the go such as network manipulation, credential extraction and man-in-the-middle tools
  • Rubber Ducky or Teensy for fast typing of payloads when required
  • USB keyloggers and USB extension cords either stand-alone or WiFi enabled
  • Duct tape and straps to install rogue network implants for later persistent network access
  • Extension cords and network cables
  • Bluetooth headset earpiece to stay in contact with my colleagues keeping watch
  • Lockpick kits, bump keys, jiggler keys and other lockpicking tools
  • Pliers, wrench, screwdrivers for breaking down a lock or door
  • Camera to photograph evidence and findings
  • USB thumb drives tied to a lanyard and old keys to be "left" in bike sheds and parking lots containing interesting and enticing content for the lucky finder
  • Fake paper access card and badge holder
  • Banana, bunch of papers or other things to hold in your hand. People who have something in their hand walking around the building are usually not regarded as suspicious
  • Disguise and clothes if you have to switch roles. You might have come into the building as the smoke detector check-up guy and might have to transition to a suit and tie to be able to get into the executive offices in another wing of the building

Q:

It seemed like Ronnie was talking to you while you were playing. What did he say?

A:

Which drug's addiction carries with it the worst side effects? (As in, what is the overall worst drug to be addicted to in how it affects your day to day life).


Q:

How did you learn to do everything including experiences and education history?

A:

I’m a Department Manager under the Loblaws banner by day, guerrilla filmmaking drummer by night!


Q:

I think the worst ones to detox from are Suboxone and Methadone; they have the most painful detox physically.

A:

Work as a system administrator when security consultancy simply didn't exist. Work as a network engineer and web master. Learn about where companies drop the ball when it comes to inter-company or inter-department communication and responsibilities. Learn where companies cut corners and try to exploit those. Learn social engineering and what drives or upsets the meatware i.e. the people working there. Have expert knowledge about operating systems, networks, web, mobile and other facets. Check out this list of tips to get started: https://safeandsavvy.f-secure.com/2017/12/22/so-you-want-to-be-an-ethical-hacker-21-ways/


Q:

What kit do you have at home?

A:

Do you think the United States can overcome this opioid crisis?


Q:

Like the movie Sneakers?

A:

I have a Yamaha Oak Custom.


Q:

Yes, I think if we follow the doctor diversion programs that have an 85% success rate, with aftercare, we could make a huge change.

A:

One of the better - if not the only real - red teaming movie out there with a killer cast. I love it and watch it at least once or twice a year. No more secrets Marty.


Q:

Love the show and the amazing results it seems to produce! Are you close with the other interventionists? Any memorable experiences with Jeff/Candy/etc? Thanks!

A:

This sounds like a dream job. When it comes to legal means in attacking networks, are there any tools or methods that are actually illegal?


Q:

Yes! I love seeing them and Donna as well. As you can see we run into each other at different events. Candi and I just did a video together that we posted on the Intervention Facebook page.

A:

If you think this is a dream job, we are hiring: https://www.f-secure.com/en/web/about_global/careers/job-openings


Q:

Love the show!! So many people are struggling with addiction you help so many. What made you want to be an interventionist?

A:

What is the weirdest thing or setup you encountered during paid or unpaid hacking?


Q:

I think, after watching families suffer and be in so much pain after someone dies, it really motivated me to help because the addict is high and doesn’t realize the pain they're causing.

A:

Finding video surveillance and access control management systems exposed to the internet without firewall. Finding "this is the backup of the entire website.zip" in the webroot of a production server for a bank. Being able to guess the password of the network connected guest badge allowing us to print our own guest badge every day and just walk in the building (the password was 12345). Production level financial information servers running under the desk of a sysadmin because of internal IT politics and tensions. A company with a garbage container outside containing hundreds of computers and hard drives in perfect working condition containing passwords, documents, financial records, etc.

Once breaking into an ATM in a major retail chain we triggered the seismic alarm and it started to make a lot of noise. When looking around no one even looked at us. Until a child, trying to go through the revolving door to get into the mall, touched the glass wall of the revolving door triggering the alarm and stopping the door for a couple of seconds as part of the security measure. The glass revolving door alarm sounded exactly like the seismic alarm of the ATM and thus no one cared =]


Q:

What's your favourite food? ;D

A:

If someone is planning to learn a computer programming language, which language would you recommend to that person, which would help the most in pen-testing?


Q:

All food! I have a food addiction. I switched my addiction to food addiction and finally addressed that this year. I love all foods.

A:

Everything is geared towards Python these days so having proficiency in Python and scripting languages such as PowerShell/Bash/etc will give you a lot of options when having gained access to systems or when wanting to develop something. Check out the grayhat hacking and blackhat hacking book series.


Q:

It seems like many of the addicts that you help are "surprised" when the intervention actually happens. Are they aware from the beginning that they will be on a show called "intervention?"

A:

Thanks! Python 2 or 3?

(I guess both, probably...?)


Q:

No, they have no idea that they’re on the show Intervention. If they do we shut down production. They have agreed to be filmed and are approved by a doctor.

A:

Yes.


Q:

What does it mean that this season's participants are “interconnected”?

A:

Sorry if this already got asked, but what’s your opinion on shows like Mr Robot? If you watch it, how possible is a scenario like that? Do you feel like the show addresses all parameters required to pull off a hack of that scale?


Q:

Normally, we fly all over the country and intervene on individuals, but this season they will be all connected by living in the same community.

A:

Mr Robot is being praised for its realistic portrayal of hacker tools and attacks and it is indeed a fun show in how they show how simple it can be to compromise something. They get the occasional thing wrong and I always find it refreshing to hear Sam Esmail and team talk about how they actually fix the things they got wrong afterwards. But it is and remains a show. I don't think we are going to see anyone trying to melt backup tapes anytime soon but I like the cyberpunk aspect to it ;)


Q:

How do you feel about contractors' contracts significantly limiting your attack surface?

A:

We usually get in pretending to be the contractors themselves


Q:

How do I protect myself as a normal user best from cyber attacks?


Q:

I read that you are from Belgium. As a Belgian Computer Science student who is also interested in (Software) Security, is there any University in Belgium that you recommend for getting my Masters?

A:

I am no longer living in Belgium I'm afraid and my school days are long over. It all depends on your interests and what it is you want to do with information security.


Q:

What are the books that you would recommend to people who are already into hacking and who would like to acquire more knowledge on different hacking techniques as well as the way of thinking?

A:

It kind of depends what domains you want to get better at. Most of the skills that are required are expert sysadmin skills, being able to program and script things together and having a solid understanding on how the technology works. But, also understanding what the caveats are of that technology being used in an organisation and how it can be used against that organisation. And for that you need to know what the daily tasks are of a sysadmin, network administrator, developer and deployment environments, how code gets distributed from the IDE to the production environment, how email environments work, etc. Basically how a company works and how it functions.

Rather than going the "hacking exposed" and other book series way which are more tool related and which will not help you in understanding; I am a big proponent of playing war games or hacker challenges. Learning by doing and getting your hands dirty on your own lab, writing your own tools and code is going to be the most productive for you to learn new things. But from a pure technical side I always recommend the following books as a bare minimum:

  • The Art of Software Security Assessment
  • Exploiting Software: How to Break Code
  • The Tangled Web
  • O'Reilly's Network Security Assessment - latest edition
  • The Web Application Hacker's Handbook
  • The Browser Hacker's Handbook
  • The Mobile Application Hacker's Handbook
  • Gray Hat Python
  • <Any book on your favorite operating system>
  • <Any book on your favorite programming language>
  • <Any book on TCP/IP>
  • <Any book on ITIL and IT processes and procedures>
  • All the books I forgot for which you are all facepalming right now

Q:

What are your favourite ‘war games’ and ‘hacker challenges’ ? From a 2nd year comp sci student looking to go into security!

A:

Try http://overthewire.org and http://cryptopals.com and get involved with their communities. Look for any kind of challenge be it system or network based. SANS.org usually has a recurring hacker challenge e.g. their holiday challenge, as do the major conferences which they archive for later download and replay. As far as originality I like http://www.pwnadventure.com a lot.


Q:

Are there any programming languages that are better to learn specifically for ethical hacking?

A:

If I had to pick two, Python and PowerShell will help you the most, in no particular order.


Q:

Is protocol fuzzing something you leverage in your approach? How common is fuzzing in hacker community?

Red teaming seems to be a method of finding the weakest security links possible, but what about slightly more difficult vulnerabilities that you don't attempt to find bc they take too long to discover or you just miss them? Do you suggest more significant security program change within an organization after you exploit the low hanging fruit?

Thnx!

A:

Fuzzing is more useful if you want to find vulnerabilities in a certain piece of technology. It is extremely rare we use fuzzing as part of a red team test but it has happened that we were able to fingerprint what software a company was using as part of their daily tasks, find vulnerabilities in it and then exploit those in a way that advances us towards our objective.

There will always be things that we do not find as part of a red team. We only need to find one way in. If a customer is interested in finding as many vulnerabilities as possible in a given solution, technology or process then we can offer that service to them as well but it kind of goes beyond what a red team is trying to achieve. Which is to test the resilience and monitoring capabilities of an organisation against a targeted attack where the attacker picks the attacks, not the defender. Once the detection mechanisms reach a certain maturity and most low hanging fruit is found, then and only then as part of an iterative process can more controls and processes be introduced.


Q:

Do you enjoy your job? I work server administration and I find myself disliking it more and more every day. I would rather be breaking in than patching holes constantly it seems. I would like to learn more hacking, do you have any educational sources you recommend?

A:

I do - because I get to use my own creativity in order to see how far I can push a scenario that might result in compromise and use/develop some custom tools and techniques along the way.


Q:

What's an invaluable piece of equipment we wouldn't think of?

A:

A stepladder


Q:

Physical access to equipment grants you an open door to the entire system...that is easy

Has the government ever used your services? DoD, NSA, etc. Places where if you are caught attempting entry you’ll meet a 556/762 or 9 round...

Without physical access, what is your success rate?

Then, also...what industry typically has the best hardening?

A:

I am based in Europe so we do not deal with DoD or NSA etc. For places where physical entry is very difficult we try to get as close to the target as possible. That means dropping USB thumb drives on the parking lot or just sending employees backdoored USB gadgets using postal mail with a thank you letter for their attendance to <conference they went to last week and made a big thing about on LinkedIn>. That can also include phone or email phishing to entice employees to give us their credentials so we can re-use them to log on to their services such as VPN end-points, web portals, etc. As far as the success rate of physical access, it is very hard to put a number on that but on average 4 out of 5 companies can be compromised with a physical premises access attack as the initial breach. Although we do not stop there and try the other methods as well e.g. phishing, wifi "evil twin" setups etc