Chattinn Cyber

Chattinn Cyber


Dark Web IQ: Disrupting Cybercrime with Kevin Sherry

June 11, 2024

Summary


In this episode Marc Schein is chattin’ with Kevin Sherry, the founder of DarkWeb IQ, a pioneering offensive cybercrime prevention firm. Kevin shares his unconventional journey from a hedge fund trader and entrepreneur to a leader in the cyber insurance industry, eventually leading to the inception of DarkWeb IQ. Kevin’s entrepreneurial spirit and proactive approach to spotting opportunities in the evolving insurance landscape laid the foundation for his innovative venture.

Kevin details the origins of DarkWeb IQ, emphasizing his belief in the necessity for a new approach to cybersecurity. In 2020, amid the chaos of the pandemic, the cyber insurance market faced unprecedented challenges due to a surge in ransomware attacks. As market panic ensued, Kevin, leading a team at Everest, realized the need for a radical solution to protect against mounting losses. His sleepless nights and relentless pursuit of answers culminated in the idea of infiltrating and disrupting the cybercriminal supply chain, a concept that formed the core of DarkWeb IQ’s mission.


DarkWeb IQ’s approach diverges from traditional defensive security measures. Instead of merely implementing preventive controls, the firm actively engages with the criminal underground to disrupt cybercrime operations. Kevin recounts how the cybercriminal ecosystem, similar to a supply chain, can be infiltrated and dismantled by targeting its vulnerable links. Despite initial assumptions that such methods were already in use, Kevin was surprised to find significant gaps in the existing threat intelligence efforts, paving the way for DarkWeb IQ’s unique offensive strategy.


Kevin’s firm has intercepted over 800 attacks in two years, employing various methods from direct interventions to collaborations with vendors and government agencies. These interventions range from alerting companies about immediate threats to helping software vendors secure their tools against misuse. Kevin explains how his team’s efforts not only protect individual clients but also contribute to broader societal benefits, such as safeguarding critical infrastructure like hospitals and water treatment facilities.


Reflecting on lessons learned, Kevin highlights the importance of focusing on the basics of cybersecurity. Many attacks exploit simple vulnerabilities, often overlooked despite significant investments in security tools. He advocates for a pragmatic approach where companies prioritize understanding and addressing the most common attack vectors rather than being overwhelmed by compliance checklists. Kevin also stresses the value of proactive vulnerability scanning for insurers, while cautioning against the pitfalls of alert fatigue caused by overemphasis on less critical vulnerabilities.


As the conversation concludes, Kevin expresses his pride in the public-private partnership model that DarkWeb IQ embodies, working closely with law enforcement and the insurance industry to create impactful solutions. He reflects on his journey and the collaborative spirit of their mission, looking forward to continued innovation and progress in the fight against cybercrime.


Key Takeaways



  1. Kevin Sherry started DarkWeb IQ due to his frustration with the rise in ransomware attacks and wanted to find an innovative way to combat cybercrime.
  2. DarkWeb IQ works to infiltrate the cybercriminal ecosystem and supply chain to gain visibility into potential attacks. They intercept attacks and work with law enforcement to build cases against criminals.
  3. DarkWeb IQ has directly intercepted over 800 attacks in their 2 years of existence by infiltrating criminal operations.
  4. Most cyber attacks utilize basic methods, even though security has become very complicated. Focusing on how real-world attacks occur can improve security programs.
  5. Proactive vulnerability scanning by insurers provides value, but alert fatigue is a problem. Focusing alerts on key vulnerabilities that are likely to be exploited is important.

Key Quotes



  1. “By late Q3 of 2020, there was panic in the marketplace and it was noticeable. People were scared.”
  2. “I was angry at the idea that these a**hole ransomware criminals in eastern Europe and Russia were going to potentially undo five years worth of blood, sweat, and tears I put into building this business.”
  3. “What we were proposing was essentially we felt that we had a good legal argument that could allow us to go in on a consistent and scalable way to engage with all sorts of criminals that are in that ecosystem in a way that just wasn’t being done.”
  4. “We’ve had over 800 of those so far in our two year existence.” (Referring to direct attack interceptions)
  5. “Most vulnerabilities don’t matter. 98% of vulnerabilities are literally never going to have a weaponized exploit. They don’t matter. You shouldn’t be patching them. You’re wasting and depleting resources.”

ABOUT OUR GUEST:



Kevin Sherry is a highly accomplished professional with a strong focus on cybersecurity and public-private partnerships. Currently, he leads a prominent public-private partnership aimed at safeguarding U.S.-based companies against imminent ransomware attacks. With a proven track record of success, Kevin has built a market-leading and best-in-class cyber insurance business from the ground up at a top-tier carrier. Additionally, he played a pivotal role in establishing Prime International Trading’s first high-frequency trading team, which generated over $4 million in profit for the firm and laid the foundation for the firm’s success during times of disruption. Kevin’s passion for making a positive impact extends beyond the business world. He co-drafted a blueprint and secured funding for an initiative to break the cycle of poverty for coffee farmers in Flores, Indonesia, in collaboration with Noble Coffee, local political leaders, and NGOs. Today, parts of the plan are being executed, bringing tangible benefits to the community. Kevin holds a Master of Science in Finance from the Simon School of Business, where he was a member of the prestigious Beta Gamma Sigma honor society. With his expertise and dedication, Kevin Sherry continues to make significant contributions in the fields of cybersecurity, finance, and social impact.





FOLLOW OUR GUEST:


WEBSITE | LINKEDIN


ABOUT OUR HOST:


National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.


FOLLOW OUR HOST:


WEBSITE | LINKEDIN