I recently came across a blog post by Huntress that I found pretty interesting. Below is a quick summary:

1. Huntress investigated a machine due to multiple reports of malicious activity

2. Huntress team went through browser history and local files to determine that the machine was being used by a bad threat actor

3. Found machine belonged to previous verified hacker by unique hostname

4. Force uninstalled huntress agent from machine

Full Article here: https://www.huntress.com/blog/rare-look-inside-attacker-operation

Vendor Trust and Ethics

While this is a great opportunity to get valuable insight into an attackers process and mindset, this also brought some pushback regarding the amount of access Huntress has to their customers. In the IT field I would have thought that this was common knowledge, but there are quite a few people that weren't too thrilled about this level of access. I've seen CrowdStrike's recent QA blunder come up as an example of a company with full kernel access to systems that could potentially be abused. While this may seem like no big deal, the reality is that threat actors exist and can abuse systems like these.

There was a follow up video I came across where Eli the computer guy had the Huntress CEO (Kyle Hanslovan) on his channel to discuss this exact blog post:

https://www.youtube.com/watch?v=3bIaU8j8YbM

After hearing this discussion it got me thinking about the amount of trust we really put into software vendors to act in an ethical way. Huntress supports over 300,000 customers, which could have some serious repercussions if their systems were to get compromised. I personally know that there's a high sense of responsibility to have access to any companies sensitive info and would never think to abuse this, but someone with ulterior motives could easily infiltrate and really wreak havoc on the US.

Business and Warfare

A lot of what Kyle was talking about came down to how serious trust is between businesses while there's an ongoing cyberwar between the US and China. This made me realize how modern day warfare can really be handled between countries and the amount of damage that could be done. Without going down a ton of rabbit holes, these are more or less just observations that I've come to realize and am probably just behind everyone else lol

The Future of Huntress and Business

By the end of the interview Kyle also brought up how scaling a business and offering an IPO would probably be their next step. He quickly mentioned how big companies such as Meta or Microsoft are these big massive businesses that we'd like to believe have our best interests in mind, but what it really comes down to is getting those quarterly profits staying positive and forever increasing. Mounting pressure from these external sources that just worry about numbers on a paper don't realize these mega corporations are now exporting a lot of work overseas, which just opens them up to more trust issues and relying on third parties to operate ethically and without ill intent.

Personal Takeaways

To quickly end this rant I think I'm a little more aware of some the craziness within just the IT industry and how quickly things come down to money over ethics. At the end of the day all I can do is be as ethical in my work as I know how. If I ever get to a bigger role in my career these are just things that I'll hopefully apply and keep in the back of my mind.