Chris Kubecka


Chris Kubecka is an American computer security researcher and cyberwarfare specialist. In 2012, Kubecka was responsible for getting the Saudi Aramco network running again after it was hit by one of the world's most devastating Shamoon cyberattacks. Kubecka also helped halt a second wave of July 2009 cyberattacks against South Korea. Kubecka has worked for the US Air Force as a Loadmaster, the United States Space Command and is now CEO of HypaSec, a security firm she founded in 2015. She lives and works in the Netherlands.

Early life

Kubecka’s mother, who was Puerto Rican, worked as a robotics programmer. Due to financial constraints, she often brought Kubecka to her workplace instead of using daycare. Kubecka said she "fell in love with programming" when she programmed a haunted house on the screen to say "boo". She learned to program and at the age of 10 hacked the US Department of Justice. At 18, she began working for the US Air Force.

Saudi Aramco security work

In 2012, Saudi Aramco's network experienced one of the worst hacks in history and Kubecka was then contracted to get the company's systems back up and running. Kubecka explained that the Saudi Aramco network was flat so hackers were able to roll through quickly and infected close to 35,000 of its computers. Facing the emergency and immediately following the hardware attack, Saudi Aramco purchased 50,000 computer hard disk drives.

Cyber terrorism work

In 2014, Kubecka fixed an email and rootkit attack on the Royal Saudi Arabian Embassy in The Hague, Netherlands. The first phase of the attack was caused by a weak email password of 123456 used on the official business embassy email. An Embassy insider and ISIS collaborator attempted to extort money from Prince Mohammed bin Nawwaf bin Abdulaziz, Sumaya Alyusuf and from the Royal Saudi Arabian Embassy of The Hague. During the second phase of the attack, the insider sent an extortion demand of 25,000 USD each from several Middle Eastern and Turkish Embassies. The third phase of the attack was caused by the Diplomatic Corps sending a warning notification to all The Hague embassies via email using CC not BCC, exposing the other official embassy email accounts to the attacker. During the fourth phase of the attack, the insider taunted the Diplomatic Corps, The Hague embassies and hacked into the Secretary to the Ambassador of Saudi Arabia personal Gmail account. The attacker rose the extortion demand to $35,000,000, then to $50,000,000 saying ISIS would destroy the Kurhaus of Scheveningen during the planned National Saudi Day celebrations to which over 400 dignitaries had been invited.
After the Shamoon attack and Dutch Embassy hacks, the Kingdom of Saudi Arabia and Saudi Aramco made security a top priority. Stanford University signed an MoU with one of the security colleges of Saudi Arabia in 2018.

Career

Kubecka was at Saudi Aramco until the mid-2015 and then founded HypaSec. Kubecka is considered an expert on cyberwarfare and has been a keynote speaker at trainings, and conferences on cyber espionage, security information and event management, Industrial Control Systems Supervisory Control and Data Acquisition, IT and IOT security topics. Kubecka was the keynote speaker at Security BSides security conference in London in 2017 and a featured speaker at OWASP's Global AppSec Amsterdam 2019.

Works

Down the Rabbit Hole: An OSINT Journey. Hack the World with OSINT. Santa AI 2.0. How to Hack a Modern Dictatorship with AI: The Digital CIA/OSS Sabotage Manual. The Drone Wars: OSINT Field Guide to Russian Drone Footage & Verification. The Hacktress Intel Brief: FPV Doctrine: From Swarms to Psychological Warfare.