A conversation with the host of the Darknet Diaries podcast Jack Rhysider

Jack Rhysider is a seasoned security professional, an avid blogger and podcast host. He hosts Darknet Diaries – a collection of audio episodes specifically designed to capture, describe and demystify the culture of hacking and cybersecurity through fair and impartial storytelling.

Matt Ashburn and Jeff Phillips sat down with Jack – or rather his avatar, as he takes considerable care to protect his online identity – to ask him about his journalistic practices, past experiences as a cybersecurity expert and views on internet privacy. Here are the highlights of their talk.

On not choosing to show his face during a video interview

Rhysider is a fierce proponent of online privacy. He chose a cartoon-like Snapchat filter to appear on screen because he firmly believes in the need to separate his everyday life from the world in which he creates content by frequently talking to hackers and other criminals. Jack still reports being regularly stalked and hacked online, but keeping his face obscure gives him an extra layer of privacy given the sensitive nature of his reporting.

On creating the Darknet Diaries – because there was nothing like that before

The first episode of the Darknet Diaries was released in October 2017. Rhysider admits that he always wanted to know more of the story than he could get from “regular” news. When news outlets would report a notable breach or hack, they tend to try to break the developing story as quickly as possible, while they still don’t have all the information. By the time journalists get all the details about the hack – who did it, what motivated them, how the FBI caught their trail, how they got arrested and charged – both newscasters and the public seem to have lost interest in the story. But not Jack, who calls himself a slow news junkie – he enjoys going back and meticulously reconstructing the story after all the facts have come to light.

On becoming interested in the inner workings of the dark web

Jack is a veteran of the cybersecurity world, and a curious person by nature, especially when it comes to technology. He has always been interested in what lies beyond the web pages. The dark web offers an alternative protocol for communicating – and Jack has been fascinated by it from the start. As a security engineer for a Fortune 500 company, Rhysider was always on a lookout for information related to his employer on the dark web. He regularly monitored forums and set up alerts to warn him if the company’s domain or its users’ email addresses and passwords were appearing among stolen data. As he monitored, he found himself wanting to learn more about how hackers obtain this information, what they do with it and whether and how they may eventually be caught.

On the types of stories Jack likes to tell on the Darknet Diaries

Contrary to most conventional news outlets, Jack prefers not to invite to his show people who offer to provide an “expert opinion”. He chooses subjects who come from the trenches and tell the story first hand – whether they have been victims of an attack or orchestrated a hack themselves. He admits that in many cases, high profile breaches don’t involve the use of sophisticated technology or cunning social engineering techniques – hackers often stumble on a Post-it note containing someone’s login credentials, or find a way to exploit some other mistakes to get access to companies’ networks and steal their data. He likes to challenge the popular opinion that most hacks are carried out by well-funded hostile government-backed organizations or hardened criminals. Rhysider has interviewed a number of ordinary teenagers who hacked into big companies out of boredom or a way to get a quick payout. He believes that his real-life conversations bring these stories to life and help demystify the world of hackers and cybercrime.

Jack’s policy of telling the story from beginning to end also makes him choose narratives where bad guys ultimately get caught and punished. By being guests on the show, hackers show some redemption, and their stories can serve as cautionary tales. Jack wants his listeners to go through the range of emotions – perhaps excitement, disbelief, maybe even sympathy for the hacker; but he doesn’t want them to think that they can get away with performing illegal acts.

Although Rhysider tries to tell the story from both sides, most cyber defenders that he has invited to his shows are bound by legal agreements designed to keep them from disclosing any information about hacks their companies have suffered. Many times the victims of these attacks are also more reticent to tell their stories than the perpetrators, for fear of appearing vulnerable. If after redacting all the sensitive details Jack still feels like he has enough information, he finds that these stories tend to resonate well with other cybersecurity professionals who want to know what happened to others in their position and how they recovered from it.

On common misconceptions about the dark web

Rhysider agrees that most people misunderstand the world of the dark web. They also confuse it with the deep web – the part of the internet where content is not indexed and not searchable by search engines. It doesn’t mean that it’s criminal or secret – just not publicly available or requires a login to access.

Whether one needs to protect their identity on the dark web ultimately depends on what they are doing. When Jack needs to dig deep or interact with shady individuals and websites, he uses a Virtual Machine to access the dark web and deletes the session after he has finished. He knows full well that while Tor anonymizes its users, once you click on other sites, like social media for instance, you start leaving behind cookies, and your identity can easily be revealed. For Jack, the dark web is a place where you can’t trust anyone, so he takes precautions to stay safe.

On keeping data secure and staying vigilant on the internet

One of the main themes of Rhysider’s narratives is that we are constantly under attack. He knows it firsthand – from seeing his own passwords and email addresses for sale on the dark web. Anyone can check if their credentials have appeared in any known hacks by using services such as haveibeenpwned.com.

His advice to his listeners and readers is to learn how to protect what’s important to them. It could be a combination of measures – from implementing stricter corporate security protocols and policies, to making it a habit to not use the same email and/or password for sites with weak security (e.g., sports fan forums run by fellow sports enthusiasts) and sites where security matters (e.g., banks or government services). Criminals are targeting private citizens and corporations alike, they don’t shy away from stealing small things like burrito chain loyalty cards, so one can never be too careful.

To learn more about how Authentic8 keeps investigators safe as they research — including on the dark web — check out Silo for Research >

Tags
Dark web research