Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

#LIGATT A Cautionary Tale of Cyber-Security Snake Oil

with 10 comments

The Charlatan of the Intertubes:

Last week an internet war broke out on Twitter that became all the rage within INFOSEC circles. A self-proclaimed #1 hacker, “Gregory D. Evans”, was being taken to task for the blatant plagiarism in his book of the same name. Evidently Mr. Evans, like the BP and other oil company executives, decided it was quite all right to just cut and paste his way to a complete document and claim it as his own. Mr. Evans now, though, is learning a couple of things:

1) Plagiarism is just wrong.

2) Do not meddle in the affairs of hackers.. For they are subtle and quick to temper.

What’s more, this whole event has brought to light the fact that this charlatan has been hoodwinking certain governmental bodies into believing that he is qualified to handle their information security and technical security needs. This is the most frightening thing for me, because we are already pretty far behind the eight ball where government and infrastructure security are concerned. What we really DON’T need is a wanker like this guy getting contracts for work within the government sphere.

Since the original calling out by Ben Rothke, and also by the Shitcast as well as Exotic Liability, much has been dug up on Gregory Evans and the merry band of plagiarists that he calls “authors” on his Nationalcybersecurity site. Here are some examples:

  • His author picture for “Seria Mullen” was in fact a picture of a local TV news anchor
  • None of his authors seem to actually write anything; instead they copy AP stories and post them on the site under their own names
  • His site nationalcybersecurity.com is riddled with PHP and XSS vulnerabilities (it was in fact hacked and taken down.. It’s back, still unfixed, as you can see from the image above)
  • None of his alleged experts seems to be qualified for the positions he claims they hold in information security and technical security
  • He immediately played the race card in response to the allegations of plagiarism and fraud
  • In one STUNNING case Evans claims he has a 13 y/o hacker whom he hired at 11.. He has a YouTube commercial with the kid in it as a testimonial.. Turns out the kid is an actor (see the tweet below)

Here are some more examples via Twitter:

#LIGATT Meet Beth Sommer another “author” who actually writes NONE of her posts http://tinyurl.com/29yvjuo

#LIGATT Mark Wilkerson author. Anyone know this guy? http://tinyurl.com/33zlrwc

#LIGATT Meet Rex Frank (cyber sec expert) http://tinyurl.com/2dghu33 http://tinyurl.com/2a5mh9j and “author” Funny, I see no creds there..

#LGTT Meet Avery Mitchell Ligatt flunky http://tinyurl.com/35hz6bo http://tinyurl.com/35a8fjo http://tinyurl.com/27csy7r He’s their top guy

#LIGATT None of these “authors” actually write anything on nationalcybersecurity.com http://tinyurl.com/258jd5x they just add their names

♺ @wireheadlance: Ligatt fraud exposed: “hacker” is an actor http://tinyurl.com/3xus8ey http://bit.ly/dh0hw5 NICE

Over and over again, Evans has claimed that he was consulted by Kevin Mitnick in jail over his plea agreement, that his company is worth millions, and that he paid the authors of the content that he used. All of these claims seem to have been quite easily refuted, and more than a few authors have said that he never asked them, never paid them, and that they were in fact quite unhappy with their work being stolen. In short, it’s pretty well known now that Gregory Evans is a liar and a thief… At least a thief of intellectual capital in the form of hacking texts.

What’s worse to me though, as I mentioned above, is that there are people and companies out there.. Perhaps even governmental bodies.. that have thought about contracting with him for ethical hacks on their networks and have likely been sold snake oil reports on their security postures. It is highly likely that these places are just as insecure as they were the day before Gregory and his lackeys came along, and this is a large disservice to them and to the information security industry.

This is, unfortunately, not an uncommon occurrence… It’s just that in this case it is so egregious that it’s hard to believe anyone bought it!

The “Industry”

The infosec industry has become like any other industry.. Like the fast food “industry”, there is a lot of crap out there and unfortunately the buyers are unaware of the differences between the garbage and the good stuff. The words “Caveat Emptor” just don’t compute for many people in the corporations that need these kinds of services. They also might go for the cheaper service in hopes that they will just get a piece of paper saying they have been audited and it’s all good. It’s not all good.

Of course, I would like to also add here and now that security is…. Well.. Not a fixed target. It’s rather like philosophy in many ways really. You either get it and you work at getting more of it, or you are just lost and have no idea what it’s all about. It is also rather tricky from a technical perspective, because someone could come in, run the tests, tell you you’re good in one area, leave, and two minutes after they are gone someone could open up a new hole and BAM, you get compromised. A point-in-time scan tells you about that point in time and nothing more. So, in reality, one could make the logical extension that many of the companies out there now doing “ethical hacks” and “vulnerability scans” could in fact just be fools with tools who don’t know how to judge between an IIS vulnerability and an Apache Tomcat vuln.

The “Industry” has become the new MCSE, with the CISSP potentially being the new paper tiger equivalent of that old Microsoft cert that really no one cares about any more. Now, with the “cyberwar” boondoggle, we have many more pigs at the trough (like Ligatt) looking to make lots and lots of cash on specious claims of being #1 Hackers. This is even worse when you stop to think about the stakes here…

I mean, you either have the skills and the drive to perform this type of work, or you don’t.. Unfortunately now the CEH courses out there are cranking out “CEH” candidates like sausages, and I would hazard that a good 90% of them have no idea how to really be a good security analyst.

Security is a voyage… Not a destination:

This is the mindset one needs to really be working on security, and it is work. You have to keep at it or you will eventually find yourself compromised because you didn’t patch something, or an end user did not know better than to click on that “VIAGRA FREE” PDF file with the new 0day in it. In short, much of the security puzzle resides in the most basic principles of security, and most places out there do not have a solid footing on how to perform these functions.

I personally would like to see a more holistic approach to information and technical security today, as opposed to just selling a vuln scan and/or an ethical hack. You can hack the shit out of a place, have them remediate the holes, and still, if they do not have proper policies, procedures, standards, and awareness programs in place, they will be pwn3d again and again.

It’s really all about the basics…

So, you out there who want to get into this field… Don’t be a Ligatt (Evans). Get the books, do the homework, and if you have the drive then you can do a good job. Remember, there is that pesky word “Ethical” in there…

CoB

10 Responses


  1. I really believe this all started as penny stock scams, but this guy has started to believe his own lies and BS. Still, it’s just all a scam for stocks and quick bucks on a few sales. Hence all his press releases to people who don’t know better but may think LGTT is moving, so they buy, and he makes out. Do that enough, and you just rename the company or ditch it and move funds around various other scam companies….

    LonerVamp

    2010/06/21 at 02:34

  2. […] LIGATT, a Cautionary Tale of Cybersecurity Snake Oil […]

  3. Until today I’ve never heard of Ligatt. I was pinged this morning asking for some information on Ligatt and my affiliation with them. Now I’m finding that my name has been associated with them all over the place.

    For the record, I have no affiliation. I’ve never even heard of them. I worked at the same company with two of the other “authors” on the site. That’s the only way I can see my name ending up there. I’ve never been a contributor.

    Mark Wilkerson

    2010/06/23 at 23:45

  4. Interesting saga here.

    But has anyone here tried their products? I looked at their website and I must admit, I was interested in the prank call one and the PC locater for laptops.

    The author claims Ligatt’s products are “snake oil” but he says nothing about the actual products. Do they work?

    Their website looks nice enough.

    Josh

    2010/06/30 at 20:59

  5. I don’t know a whole lot about all of this cyber stuff, but I read about Gregory Evans and all I see here is a bunch of people trying to keep this man behind bars. For what reason, I just can’t figure out. Society and its systems are designed to keep offenders of the law down for the rest of their lives. It’s a wonder why the crime rate is so high. Judgmental people push them back into the world of crime because they just won’t let it go. The man paid for his crime, don’t you all think that he is smart enough not to just outright do things that will get him right back where he started. It seems that this man is too smart to do some of the things he is accused of. And if he did all these things, why is he still free? Why don’t all of you who are digging this man’s grave examine yourselves? Who are you? Are you the law? If he’s actually offended you or done you wrong, take it to court.

    Abheekfearless

    2010/07/07 at 15:13

  6. LIGATT Security International and Gregory Evans Sue Alleged Stock Bashers Chris Riley, Nisha Kappor, Ben Rothke, Randolph Morris and More for Alleged Stock Manipulation

    ATLANTA, July 12, 2010 (GLOBE NEWSWIRE) — LIGATT Security International (Pink Sheets:LGTT – News), a cyber security company, today announced that the company has filed a civil and criminal complaint against IT consultants Chris Riley and Ben Rothke as well as former Cyber Group Network employees, Randolph Morris, Nisha Kappor and others for alleged stock bashing.

    The 5,000,000 (five million) dollar lawsuits were filed in Gwinnett County, Georgia. They consist of a number of charges including stock manipulation and slander. The alleged offenders have already been reported to the Securities and Exchange Commission, also known as the SEC. LIGATT has six law firms on retainer at all times. These law firms will monitor the company’s stock boards and respond to alleged bashers immediately when necessary. LIGATT Security has also consulted with overseas law firms to handle the alleged bashers in the foreign countries.

    “This lawsuit is just the first of at least two more coming against some of the names mentioned above and a few more,” says Evans.

    The defendants are as follows: John Doe 1 A/K/A BRENTSKI98503, John Doe 2 A/K/A DOUBLEDOWN22, John Doe 3 A/K/A U_BEEN_EXPOSED, John Doe 4 A/K/A E_COMMA_KID, John Doe 5 A/K/A PENNYCHECKER, John Doe 6 A/K/A MARINE-1, John Doe 7 A/K/A SHAWNF, John Doe 8 A/K/A DHDOLPHNS, John Doe 9 A/K/A MAUI, John Doe 10 A/K/A BOOGERS, John Doe 11 A/K/A 20PLUS, John Doe 12 A/K/A NAUGHTY GIRL, John Doe 13 A/K/A @-@, John Doe 14 A/K/A RTCLAUS, John Doe 15 A/K/A CREATIVE IDEA FACTORY, John Doe 16 A/K/A RANDOLPH MORRIS, John Doe 17 A/K/A CHRIS JOHN RILEY, John Doe 18 A/K/A BEN ROTHKE, John Doe 19 A/K/A 3_COM_KID, John Doe 20 A/K/A CRABBYOLBASTARD, John Doe 21, John Doe 22, John Doe 23, John Doe 24, John Doe 25, and GREY MCKENZIE.

    Xavior Barro

    2010/07/12 at 16:30

  7. Greg^H^H^H^H Xavior, I can see your cut’n’paste skills are as strong as ever.

    Jim Halfpenny

    2010/07/21 at 11:42

  8. […] phrase first made by CrabbyOlBastard in a blog post wherein he refers to Ligatt’s products as modern day snake oil. Derived from a Tolkien line (originally about wizards), this phrase is very true and we, as a […]

  9. The key to trading penny stocks is learning how the game is played. The game has always been and will always be controlled by the MM’s (market makers). These are the people we used to trust to make a market for any stock, even in the roughest times.
    However, times have changed, especially in penny stocks. Very little regulation and oversight has turned these market makers into nothing more than market manipulators, manipulating any penny stock however they see fit for personal gains.
    Now most smart investors have learned you can’t beat them at their game. They have too much power and control. The best we can do is watch them and learn their patterns. Each MM has its own style of manipulating, and they will react in their own predictable way to different situations. Once you learn this you will truly have the advantage. Trading penny stocks is much like playing a game of chess against these MM’s. If you know their techniques and strategies then you can easily predict where they will take a stock. Watch them carefully on L2, and watch charts at the same time; you will see some MM’s react to certain indicators, some only react to buy and sell pressure. And some even work in teams and are truly there to take as much money as they can from you using all the dirtiest tactics, including naked shorting, paid message board bashers, and fake PR releases (I.E. PUMA, NOBL, SSGI, STXG, CHDN). If you are in a stock with them you are in trouble; take profits fast and get out, they will NSS it down to nothing faster than you can blink an eye.

    pennystockstwitter

    2010/10/17 at 02:33

