Profile
Will first became interested in cybersecurity when he encountered hackers while playing online games in the late 2000s. He has also long been fascinated by the UK intelligence services (GCHQ) for most of his life. So, when he finished his BSc with honors in Computer Information Security from the University of Plymouth and got offered to work for a private cyber intelligence firm in the UK, Cyjax, he jumped at the opportunity and has enjoyed every day of his work ever since.
As Will enjoys puzzles, challenges and investigations the decision to go into cybersecurity was an easy one, as there are no shortage of them in cybersecurity. Moreover, cybersecurity is a crucial part of modern technology that continues to be overlooked despite the severe consequences and precedence of doing so. “And there is also a certain addictive aspect to unravelling and understanding the latest cyber threats to organizations as well as tracking organized cybercrime groups and nation state threat actors”, he says.
Will is the co-author of the new FOR589: Cybercrime Intelligence, the course that teaches students how to hunt for threat intelligence within the cybercriminal underground using Human Intelligence elicitation techniques and blockchain analytics tools to trace criminal cryptocurrency transactions. “The cybercriminal underground is a notoriously difficult place to infiltrate and can be a challenge for the untrained to extract useful information from it. As they are criminals, they are prone to cheating, lying, stealing, and exaggerating the truth.” However, since massively disruptive cyber-attacks against Colonial Pipeline, JBS foods, Kaseya and the Irish HSE all originated by threat actors lurking in the underground forums, it has become more important to understand the threat more than ever. This course will arm students with the knowledge of the cybercriminal underground interactions and areas of operation, how to gather a multitude of intelligence, perform undercover operations, and disrupt the adversaries.
In addition to being a SANS instructor and working in the field, William also works in the professional community as the co-founder of the Curated Intelligence community and OSINT analyst for the National Child Protection Task Force. He has been honored with the Cyber Resilience Award 2020 and 2022 by the Aviation Information Sharing and Analysis Center (ISAC), earned the conINT 2020 Speakers Badge and is a four-time receiver of the Contestant Badge for TraceLabs Global Search Party OSINT CTF.
He was also invited to a trip to Denmark to present his talk ‘Lessons from the Conti Leaks’ at the annual conference of the Nordic Financial Computer Emergency Response Team (NFCERT). “I spent three months analyzing and investigating up tot 250,000 messages from the leaked chat logs of the Conti ransomware group and revealed unprecedented findings about the inner-workings of one of the largest cybercrime organizations in the world. The experience of being able to present and discuss my findings with security teams from banks, financial services, and intelligence services across the Nordics and to socialize with them, was truly unforgettable.”
You can find more from Will online:
Github:
Research blog: