Learn real-world cyber security skills from active industry experts in Anaheim. Save $150 thru 12/18.

SANS Security Insights

Protecting the Mental Health of Cyber Warriors

The mental health of white hats, intelligence gatherers, investigators and other cyber researchers is at risk, and they have few resources to turn to.

By Deb Radcliff, Creative Director, SANS Analyst Program

This story will forever haunt me: One of my sources (a malware researcher for a respected antivirus company) sent a rambling email claiming anonymous and the Church of Scientology were after him, to please tell his wife he's sorry, and that he was going to jump off a building.

It was real.

The police were notified, and a leader from the company he worked for called me personally to tell me the young man had jumped and survived. He now lives with permanent brain damage.

That day, our industry lost a young, talented cyber researcher to attempted suicide. But maybe he wouldn't have jumped if he had been prepared mentally and physically before being sent out undercover into the dark web. He should also have been provided mental health support and other resources during and after his work for that company.

The Cyber Underbelly

Many cyberthreat researchers in our industry, myself included, are inadvertently exposed to the seedy side of humanity. To do our good guy jobs, we've seen images we can't erase, been threatened by black hats and thugs, and spent an inordinate amount of time in our adrenals.

This type of work obviously impacts mental health. Several investigators I talked to for this blog agree.

"I do a lot of threat intelligence and cybercrime research, and I do feel paranoid or unsafe with certain projects," says a threat intelligence researcher who asked to remain anonymous. "And there was one case that still makes me cry, where we tried to stop a streaming suicide-in-progress. The girl was very young."

Another investigator, John Toney, formerly worked as a special agent on a cybercrime task force, where he investigated the worst of crimes against children.

"It took a toll on my mental health. The effects are cumulative on your health, weight, relationships," says Toney.

Protecting Investigators

While enforcement agencies have recommendations to provide a level of mental health care for forensic examiners viewing abhorrent material, Toney says his former agency provided none. He adds, "We were all expected to be emotionless superheroes."

Now in the private sector, Toney has developed a bill of rights for forensics investigators to provide them some safety net (tap image below to enlarge). With those investigators now working under his supervision, he keeps an open line of communication.

Annotation 2019-10-24 094118

"I try to have real conversations with my staff. What are they looking at? Can they disconnect and not bring it home with them?" he says. "If they can't handle the work and want to walk away, I tell them no problem, we'll find them other work."

Toney is also an active member of mentalhealthhackers.org. Although the group doesn't provide mental health services, it does give referrals and provides forums for white hats who are feeling overwhelmed.

Out on a Limb

For the most part, employers aren't protecting their investigators, and very few provide mental health support, say Toney and several others interviewed for this blog. This needs to change.

Because we can't count on our organizations to protect us, my next blog on this subject will include advice from investigators and researchers on steps they should take to protect themselves before, during and after each cyber investigation.

Post a Comment


* Indicates a required field.