GoKawiilDark Reading's Becky Bracken: Hello everyone and welcome back to Dark Reading Confidential. It's a podcast from the editors of Dark Reading, bringing you real world stories straight from the cyber trenches. I'm your host, Becky Bracken. I am joined today by Dark Reading's editor-in-chief, Kelly Jackson Higgins, for a special episode and a look back at a big moment in Dark Reading's 20-year history. Hello, Kelly. Thank you for coming on today.
Dark Reading's Kelly Jackson Higgins: Hi Becky, I'm so excited to be here, thank you.
DR's Becky Bracken: Okay, so we also wanna give a big welcome to a long time friend of Dark Reading, penetration tester Steve Stasiukonis, who back in 2006, led a blockbuster pen test at a credit union and the subsequent write up made quite a splash, yes Kelly?
DR's Kelly Jackson Higgins: My gosh, yes. So literally a few days after we launched on May 1, Tim Wilson, the late Tim Wilson, who was our editor-in-chief ... I need to ask you Steve, how you guys met ... somehow recruited Steve to write a column about his work that he does. We were trying to get more voices of practitioners in the field. Steve's piece, which was called "Social Engineering, the USB Way," went viral.
Related:RMM Tools Fuel Stealthy Phishing Campaign
And back then it was all about Slashdot picking you up, not Reddit, and that's who picked it up. And we watched our traffic, which we would be excited if we got back in those days, like we were brand new. So we were like, if we get a thousand page views today.... And we watched everything just continue to go crazy. And we realized it was Slashdot. And to this day, that piece kind of became an urban legend. People talk about it in passing. And I'm like, hey, that was from the column on our site. So it became sort of a historical marker in the whole social engineering space.
So remind me if that's the case: Tim recruited you, Steve, to write about this. Tell me, how did you guys end up meeting? I was never clear on how the assignment went out.
Steve Stasiukonis: There was a mutual relationship with a gentleman that was at Syracuse University, I think, either communication school or IT school. And he called me up and he was like, listen, he goes, "You got any like cool stuff going on that we could write about?" And I was like, I think so. I got this job where they asked us to break into this credit union. And I said, they want us to use USB drives. And he goes, "Well, that's going to be interesting." So I was like, let me just see how it goes. And then if it works out, you know, I'll throw something together for you. And that's kind of how it happened. And then he hooked me up with Tim (Wilson). That's that's kind of where how things transpired.
Related:BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
DR's Kelly Jackson Higgins: That's right, I forgot about that. So let's go back 20 years ago. So today, people are like, USB sticks, what are you talking about? Tell me about sort of what the landscape there was with people using USB sticks and how this whole pen test engagement with the credit union came about. What were they looking for and what made you take that kind of approach, and what you guys did?
... continue reading