Cyber Security Weekly Podcast
Episode 270 - Working in partnership with law enforcement - ESET cybercrime investigations
Alexis Dorais-Joncas started his career in cybersecurity in 2010, when he was hired by ESET as a malware researcher. In 2015, Alexis was appointed head of ESET’s R&D branch office located in Montreal, where he and his team focus on cutting edge malware research, network security and targeted attack tracking. Their goal is to shed light on the latest trends and developments in the malware ecosystem and implement efficient and innovative countermeasures to allow ESET customers to be safe online.
Alexis is an established speaker on current cyberthreats, having spoken in front of both very technically literate audiences at events such as Bluehat and M3AAWG, and in higher level settings such as RightsCon, SERENE-RISC workshops and GoSec. He has been quoted in several security and technical media such as Wired, ITWorldCanada, DarkReading and Ars Technica, with broadcast appearances on Radio-Canada and Sky News in the UK.
In this podcast with Jane Lo, Singapore Correspondent, Alexis takes the audience behind the scenes of real cybercrime investigations ESET has been involved in. By going over success stories such as the Andromeda and Operation Windigo busts that brought down multi-million dollar criminal networks, Alexis helps shed some light on how private security companies partnerships with law enforcement agencies work.
With an excess of 350,000 new malware files observed each day, Alexis explains that one of the first steps is turning these into unique and actionable insights, using a combination of automated unpacking and decryption tools and in-depth analysis.
In sharing such threat information with law enforcement agencies, he highlights the integral role of trust, including the importance of following protocols where customers’ data are involved, and exercising caution to avoid “tipping off”.
While waiting for the “right moment to strike”, Alexis points to another important role that the private sector plays. To help the law enforcement arrest the cyber criminals and build the case for indictment and prosecution, Alexis shares how his team provides comprehensive training to the law enforcement agencies.
Alexis also discusses how the work behind Andromeda and Operation Windigo busts took up to 4 years, and how identification of victims through “sinkholing” forms part of the take down efforts.
As these two cases illustrate, with the right private-public partnerships and collaborations, Alexis stresses while cybercrime may be borderless, cyber criminals are not immune from prosecution.
Recorded: 18th June 2021, 7am Singapore/ [-1 day] 7pm Montreal