With cyber security threats changing their nature on an almost daily basis, staying on top of the most relevant vulnerabilities, is an imperative for both companies and individuals. While there are the usual threats posed to companies and businesses that we are all aware of, it is those that we are unfamiliar with, and which come from unexpected sources, which it is important to be most cognizant of. The story of Chris Hannifin and DefendIT Services, a case which many in the cyber security industry are watching closely, is a prime example of exactly the type of threat bound to catch even the most seasoned cyber security professionals by surprise.
Beginning his career in the US Air Force, Chris Hannifin would later work his way up the chain in the sensitive cyber security industry, attaining a level of trustworthiness (or so his superiors thought), that exposed him to many a closely guarded industry secret. Indeed, having a military career listed on one’s CV offers a high degree of reliability to those seeking out companies and individuals who are capable of keeping their company data, and systems, safe.
Krista Stevens, CEO of North South Consulting Group, was one of the many executives that put full faith in Chris Hannifin. In her case, so much so, that even when Chris Hannifin departed her organization under questionable circumstances, she would continue to refer clients to him and his newly founded, DefendIT Services. The defense contracting firm RSM was another firm which put full faith in Chris Hannifin, as did the financial services company USAA and cyber security company SiloTech, all leading firms in their respective industries, who were blind sighted by what was to come next.
It is not yet clear when his dubious plan was hatched, but at some point, over the past few years, Chris Hannifin apparently began to recognize the tremendous value held in much of the information which he had access to. Value that is, not only to those who tasked him with protecting that information, but also to those who sought to gain access. Chris Hannifin thus hatched a scheme to sell access to those willing to pay high price tags, all under the nose of his employers at the time. Heavy scrutiny, and the many questions that started to be asked, was what led him to found his own firm, DefendIT Services, where he would continue dealing in secrets.
Chris Hannifin realized that he could not continue with this endeavour alone; he needed logistical support, and perhaps also emotional support from someone he could trust. Illicitly dealing in secrets is undoubtedly, a taxing matter. He turned to Rudy Reyes, who according to sources consulted, was not only a close confidant, but also a lover of Chris Hannifin. The two were known to vacation together, sometimes in Mexico and sometimes elsewhere, living a lifestyle that would eventually, catch the eyes of his superiors.
Chris Hannifin, who had previously been quite a careful spender, was suddenly seen driving a new car, purchasing a boat and later, even a new home, without any explainable reason as to where and when he might have come into so much money. It is often these small oversights that are the downfall of criminals. In the famous case of the couple now serving jail time for perpetrating the biggest digital heist of cryptocurrency in history from the Bitfinex exchange, Ilya Lichtenstein with his wife Heather Morgan, it was their purchasing of gift cards for friends which led investigators directly to their home address.
The damage done to clients who had their information stolen and sold to the highest bidder is not yet clear. Nor is it clear who exactly the victims were, considering the sensitive nature of the data or technical know how which was stolen and sold. Chris Hannifin and Rudy Reyes remain at large, and more likely than not, continue to profit off stolen information. The real question being asked is how to definitively prevent such occurrences in the future.
While vetting applicants for sensitive positions is quite a straightforward process, it is functionally impossible to track those who might be compromised on the job, so to speak. What is possible, is to institute more rigorous internal oversight mechanisms to prevent such sensitive information from being removed from company systems, and to increase financial penalties for those caught trying to sell access to corporate secrets. Without this, the danger of copycat perpetrators is not only a risk, it is almost guaranteed.
