Is it a good Idea to have a secret Internet Alias?

Given that an anonymous UK Malware researcher Malwaretech was able to prevent the spread of the WannaCry ransomware malware, just by registering a domain, do you think it's a good idea having a secret identity for use in the Cyber Security field? Look at it this way, if say UK researcher was Bill Smith, and he came out and said I stopped the spread of this malware, he just cost unknown criminals tens of thousand’s, if not millions of dollars in profits. They would be less then happy with him and may seek to express there displeasure by hacking the hell out of him. Is it worth the media fame and fortune identifying yourself? I would think the potential aggravation of dealing with revenge hacking on a personal level is quite a deterrent in making your identity public. Malwaretech must think so, his website is registered by a company instead of a name, registered from Panama, and the company is the one that provides the whois service on the internet. Of course he is known by someone, you can’t contact the FBI and say hey this is Malwaretech and I figured out how to stop this malware attack. But his professional identity doesn’t intersect with his anonymous identity in any way.

Does anyone here have a secret identity they use to taking public credit for security work they do? I’m not talking about the aliases we use on this website, but I guess your Techexam alias could be your secret identity as well, but it not for me.

Find more posts tagged with

Comments

cyberguypr

All I'll say is that as a security practitioner I hold multiple sockpuppet accounts with complex profiles for different purposes. If you are in InfoSec and not doing it this way, you are doing it wrong.

E Double U

I tried to explain to my wife that my secret identities were work related, but she wasn't buying it.

PC509

I've got my public profiles, which all link back to me personally (easy to look up and find out who I am). I also have several other identities online that I can use for other reasons. Nothing nefarious, wife knows about them and is free to look at them.

NetworkNewb

I have a bunch of anonymous accounts that I created to tro!l people on social media sites.... Does that count?

rob42

If your job is 'Cyber Security' and you reveal who you, then get a different job!

tedjames

Don't list on your LinkedIn page the tools you use to defend your company/agency. In fact, don't even list anything other than your title and company name..

sillymcnasty

Up until I made a linkedin, there was no practical way to find me on the internet. Any email I used for a login was always a junk email. Fake name everywhere. I find it creepy that people can find me lol

dustervoice

Yes i have about 15 different profiles.its difficult to keep track these days. normally i terminate accounts after mission is accomplished but i just cant be bothered any longer.

Iristheangel

My secret alias is Carlos Danger. That way they'll always assume it's that other guy :P

YFZblu

TechGromit wrote: »

Of course he is known by someone, you can’t contact the FBI and say hey this is Malwaretech and I figured out how to stop this malware attack. But his professional identity doesn’t intersect with his anonymous identity in any way.

Are you aware that @malwaretechblog was doxxed over the weekend? His identity is known. He says himself, he assumed he would be doxxed at some point. In his case, the key is in preparing for that moment instead of relying on obscurity to ensure his safety. The alias is a mustache and a pair of glasses. It was never going to keep him unknown. With all the work he did documenting the Necurs botnet I wouldn't be surprised if he was privately identified in the past.

cyberguypr wrote:

...If you are in InfoSec and not doing it this way, you are doing it wrong.

rob42 wrote:

If your job is 'Cyber Security' and you reveal who you, then get a different job!

Sigh. Regardless of what someone does for a living or what their title is, publicly disrupting criminal operations is something you would need to use an alias for. But blanket statements suggesting that all serious infosec people should use an alias, are just wrong. Infosec is far too broad for that type of thing.

NetworkNewb

YFZblu wrote: »

Sigh. Regardless of what someone does for a living or what their title is, publicly disrupting criminal operations is something you would need to use an alias for.

Exactly! Did we learn nothing from our Superheroes who do this kind of stuff for a living? You guys all see what happens when the villain finds out the hero's identity. They go after the people close to them. Don't be that hero without a secret identity!!

paul78

TechGromit wrote: »

Given that an anonymous UK Malware researcher Malwaretech was able to prevent the spread of the WannaCry ransomware malware, just by registering a domain, do you think it's a good idea having a secret identity for use in the Cyber Security field?

He's actually not anonymous. I believe he's a Proofpoint researcher iirc - I'm sure if you look - you can find him.

Like @cyberguypr - I have a few sockpuppet accounts that I use. Those are for lurking and to use services anonymously. But I also have alter-ego's where some are more anonymous than others. Like this one on TE. It really depends on what you want to accomplish. Many security researchers use handles as an alter-ego but it's not necessarily to be anonymous.

blatini

E Double U wrote: »

I tried to explain to my wife that my secret identities were work related, but she wasn't buying it.

+1

I don't really do this, but I also don't participate in many forums outside of TE. While my posts here are generally embarrassing in their own right I don't think any of them will get me sent to the mental ward or worse (yet)

UnixGuy

UnixGuy is my real name

But yes, I take it a step further and never use my real name on social media...completely different identity. Not because of working in "InfoSec"

jelevated

Absolutely. Keep separate user names and credentials for each message board you surf. I learned this is important primarily because you cannot change your user name or delete your account on most bulletin boards!

Nothing is as good an example of this other than that red shirt undecided election guy, Ken Bone. http://www.thedailybeast.com/articles/2016/10/14/ken-bone-s-disturbing-reddit-history-shows-he-s-not-nearly-as-adorable-as-we-thought?via=twitter_page using the same name for Reddit, he posted some really REALLY crazy stuff on there.

E Double U

NetworkNewb wrote: »

Did we learn nothing from our Superheroes who do this kind of stuff for a living?

I learned how great of a disguise glasses are from Superman.

"Hey Super, oh wait, it's Clark. Have you seen Superman? He was just here."

jstock

E Double U wrote: »

I learned how great of a disguise glasses are from Superman.

"Hey Super, oh wait, it's Clark. Have you seen Superman? He was just here."

This comment, made me think of this https://www.youtube.com/watch?v=NxtunkBUcRo. Lol

TechGromit

YFZblu wrote: »

Are you aware that @malwaretechblog was doxxed over the weekend? His identity is known. He says himself, he assumed he would be doxxed at some point

No I wasn’t aware, but I did say in my post he was known by someone, you can’t interface with creditability with the FBI and other government agencies anonymously. When a newspaper throws around enough money to identify a source, someone’s bound to talk, although it was claimed he was identified by tracking down his digital foot print, not sure if I believe that or not.

OctalDump

I wonder if part of this is that Info Sec attracts some of the more paranoid (it's not paranoia if they really are out to get you) types, so maybe some of the people in Infosec would naturally be inclined to act anonymously or pseudonymously online even if they weren't doing this for a job.

jcundiff

My line of work requires the use of multiple sock puppets, I have my personal social media pages, but I am very limited on who I add. None of my sock puppets have any common links between them and my personal stuff, although a couple of them know each other

shimasensei

In short, yes

ande0255

I figure if a security genius like Iris can have their own picture as their profile avatar, then I could come out of the shadows and change mine to my real picture too!

Iristheangel

Go for it. Not too worried about the kind of discussions we are having on here and most of my professional forums, LinkedIn, study groups, and blog to try to mask my identity on it. Plus it would kill any personal branding from all of that.

I would assume if you were looking to create a secret identity or mask your identity separate from your other online personas, there's probably a reason behind it beyond what we do here.