IBM X-Force Red marked its first-year anniversary with the addition of security specialists, including Space Rogue, who increases the team’s impressive roster of talent.

Hello, my name is Space Rogue. Well, actually, it’s Cris Thomas, but the security community is most likely to recognize my work over the past two decades under my pseudonym.

The name dates back to the early 1990s, when a few friends and I founded L0pht Heavy Industries, one of the first hacker collectives, based in the Boston area. You may remember us as the seven guys who testified before the U.S. Congress on May 19, 1998, to shed light on the vulnerabilities of the internet.

We said something to the effect of, “Any of the seven individuals seated before you could take down the internet within 30 minutes and we need to do something about it now.” We didn’t know it then, but we were just scratching the surface of what has since transpired in the cybersecurity space.

IBM X-Force Red Welcomes Space Rogue

Since then, I’ve spent much of my time working with startups and small- to medium-sized organizations to uncover cybersecurity vulnerabilities and support the development of security strategies and programs.

One of the companies I worked with over the years was security firm Trustwave. Specifically, I worked with the SpiderLabs Research division, which explored then-new security domains such as threat intelligence and malware analysis.

That’s where I met Charles Henderson, now global head of IBM’s X-Force Red, and Steve Ocepek, regional lead of North America for IBM. They are why I’m here today as one of the newest members of the elite security research and testing X-Force Red team.

I’ll admit, I harbored some concerns around joining a large, global organization such as IBM — a bit of a 180-degree turn from the much smaller shops I’ve worked with in the past. However, after speaking with Charles and Steve, and meeting with the team, I quickly found that X-Force Red has the best of both worlds: We’ve got the ingenuity of a startup, but with the backing and resources of a multinational company that just happens to be a household name.

This recipe for success isn’t going unnoticed and, at a time when cybersecurity skills are scarce and the need for personnel is plentiful, the X-Force Red team is attracting the best of the best. This meeting of the minds, backed by the IBM network, is allowing us to turn seemingly improbable ideas into executable realities.

Cybersecurity Is Everyone’s Problem

As one of the newest members of the X-Force Red team, I’ll be playing a dual role on both the client consultation and solution design/development sides of the team. While I’m more comfortable working in the background — conducting research, testing and developing technology — I’ve had a lot of experience working directly with clients.

I’ve had to be the bearer of bad news, uncovering major security flaws within organizations. I learned a lot about the different perspectives and motivations within a company, from the IT specialist all the way up to the CEO.

Cybersecurity is no longer an IT problem; it’s not even a business problem. It has become just a general problem that every individual and organization needs to address.

This is the problem IBM X-Force Red is helping to solve by promoting a model of continuous testing — not just checking the security box on the quarterly checklist. The best way to maintain security hygiene and stay ahead of the bad guys is to hire dedicated experts who are doing testing all the time. Unfortunately, most organizations don’t have the resources to do that in-house.

That is where X-Force Red comes in. We do the testing for you, constantly and continuously. By partnering with X-Force Red, organizations can leverage our expertise and personnel as opposed to trying to halfheartedly execute the processes internally.

A New Chapter

Sounds like good news for businesses and bad news for cybercriminals, right? Exactly. The X-Force Red team is growing rapidly and continuing to attract new talent, and we aren’t just looking for decades of cybersecurity experience to build out our team.

New security challenges also require new ways of thinking. That’s why IBM Security takes a new collar approach to hiring, in which skills and aptitudes are considered over traditional four-year degrees. If you have an appetite or interest in cybersecurity, I encourage you to explore that passion and find a niche within this expansive industry on which to hang your hat.

Sharing is caring in this industry, so share what you’re working on and become a member of the cybersecurity community. Blog, tweet and network with like-minded individuals. You might find that the connections you make today could lead you to a career securing some of the world’s most important organizations with some of the brightest minds in cybersecurity tomorrow.

I’m looking forward to sharing the latest and greatest coming from the team as we write year two in the book of IBM X-Force Red’s history.
