Facebook gratefully friended Gary Warner and his team of student researchers at the University of Alabama, Birmingham’s Computer Forensics Research Laboratory (UAB CFRL). The story behind why starts with Koobface, a computer worm that raised havoc among Facebook users. In just one year (2009), Koobface stole $2 million from Facebook members.
Gary and CFRL team members figured out who was behind Koobface, providing enough evidence to authorities for them to shut down the operation. To show their appreciation, Facebook donated $250,000 to UAB.
Because of the group’s success, Warner, in partnership with UAB, privatized the research to create Malcovery Security. Today, Gary and Malcovery Security are helping several big-name corporations, including Facebook, avoid issues like Koobface.
Techopedia asked Warner a series of in-depth questions in an effort to shed some light on how he got to where he is today.
Techopedia: What does a typical day look like for you?
Gary Warner: I try to hit the road early in the morning. First stop is Starbucks for a double shot and a Venti Bold. Next stop is the office. I use mornings to post on my blog site or check in with Malcovery clients. The rest of the day is a blur, looking at new data, analyzing potential email-threat clusters or just-discovered malware and, if needed, helping the analyst team find new intelligence against our high-priority cybercrime groups.
Techopedia: What does a great day look like?
Gary Warner: "Great days" for me revolve around discovery and communication. When I am able to help the team document new threat patterns or have the opportunity to share our previous analysis with large groups of security professionals at banking, law enforcement or security conferences, I am in my element. I also love the nights when I teach a class at UAB. There is an energy that I gain from watching the light bulb go on for the next generation of crime fighters.
Techopedia: OK, what about a terrible day?
Gary Warner: Terrible days only have 24 hours in them and in my case, the terrible bits often involve weather delays. A lesser terrible would be when one of the Malcovery teams has made an amazing discovery, but I cannot give it my full attention because I’m in a meeting. Still, I see good coming from the terrible bits: I am learning to trust my team. It’s a great feeling when an incredible report goes out and I realize "the team did that one without me."
Techopedia: What’s the coolest thing you’ve ever done or achieved in your career?
Gary Warner: While it was a great feeling to address the 500 Messaging Anti-Abuse Working Group members who selected me for their J.D. Falk Award last year, the best ever feeling is the satisfaction I get when I learn that a former student is giving a presentation on their work at a major international conference.
Techopedia: What’s the best piece of career advice you’ve ever been given?
Gary Warner: Doing everything your boss expects of you is a great way to keep your current job. Exceeding expectations will open the future to you.
Techopedia: What’s your workplace pet peeve?
Gary Warner: Fortunately I don’t see it in my current workplace, but in previous jobs I came across people who should have been working, but were spending their time wandering from cube to cube in idle conversation.
Techopedia: What’s your productivity secret?
Gary Warner: In cyber intelligence, it’s all about networking. When I face a situation where I don’t know the answer, I have a significant portion of the world’s top cybercrime fighters only an instant message away, and I am never shy about reaching out.
Techopedia: What technology do you rely on the most?
Gary Warner: In my job, I analyze data, lots of it. That’s why I love IBM’s i2 Analyst’s Notebook software. It helps me figure out what data to extract, store and manipulate. My favorite part of what I do happens when I figure right, and the data reveals its secrets.
Techopedia: How do you use social media?
Gary Warner: Skype is my main way to communicate with my team, subject-matter experts and investigators from every part of the world. I also use Twitter to see what other analysts are working on, and to share new threats we see at Malcovery.
Techopedia: What’s the biggest challenge you’ve been faced with on the job and how did you solve it?
Gary Warner: Our biggest challenge is in understanding that not every organization is ready to receive cyber intelligence. If I can share key indicators with a company, allowing it to identify new victims of fraud in its customer base, but the company’s fraud team does not have access to those indicators, it can be disappointing. Being patient and sharing intelligence at a rate companies find acceptable eventually breaks down those types of barriers.
Techopedia: When you were a kid, what did you want to be when you grew up?
Gary Warner: I wanted to combine my love of linguistics and computer science to be a Bible translator.
Techopedia: What’s your dream job now?
Gary Warner: Mining evidence to reveal cyber-threat intelligence; building better tools, techniques, and training to do it even better is my perfect job. And, what’s more, I’m doing it every day.
Want to fight cybercrime? It’s a big, profitable field many techies are still overlooking. Read more here.