“It’s very interesting work. Over the years, we have become a boutique team with a very diverse client base and some unique offerings, ranging from vulnerability assessments to incident response and physical security evaluations,” says Steve Stasiukonis, founder and president of SNT. Steve is also an expert in social engineering, with regular columns in Information Week Magazine and DARKReading. “When I am digging up dirt on someone online, I don’t want it coming back to my company,” he explains. “I need to feel safe when I’m browsing, especially when I am gathering open source intelligence or communicating with hackers on their dark web sites on the Tor network.”
“I need to feel safe when I’m browsing, especially when I am gathering open source intelligence or communicating with hackers on their dark web sites on the Tor network.”
- Steve Stasiukonis, SNT president“Use Silo so we still have jobs tomorrow”
Steve has plenty of fascinating stories about negotiating ransoms or discussing terms with threat actors on behalf of a company that has been hit with ransomware. He considers it a success if he is able to recover his client’s data, but acknowledges that it doesn’t always go as planned, and it’s important to protect himself and his team. “Most of our research is done in our office, and I don’t want to poison our network with something I pick up on the dark web,” he continues. “We use Silo to isolate our browsing environment, so we don’t get hit and still have jobs tomorrow! It gives me a sense of security when I’m talking to people in forums or poking around dark web marketplaces.”
Silo also plays a big role in penetration testing. SNT’s specialized white hat hackers run attack simulators to identify the client’s vulnerabilities and determine how potential adversaries can take advantage of them. “Companies are paying us to find holes in their networks, and we try to do it in a way that they don’t see that they are being tested – we don’t want to give away our position as a pen testing company,” explains Stasiukonis. “So, we spin up Silo and use managed attribution to obscure our location. Whatever features Silo offers, we have used them all — it’s been super effective.” When problems are identified and prioritized, SNT will bring in in one of their partner companies to address discovered vulnerabilities and propose ways to harden the client’s networks.
The SNT team also provides OSINT services to its clients, primarily in the legal space. Its analysts supplement clients’ own discovery practices by researching social media, web and other publicly available content in relation to the individual or entity that’s subject to litigation. SNT uses Silo to securely collect, download and share information and evidence, without the risk of exposing the investigators or revealing their intentions.
Steve firmly believes that his company’s services will continue to be in demand for years to come. “It’s not just the banks who are getting hit,” he explains. “We have customers in every market and any type of business, even dairy farmers — they get attacked by ransomware, and they come to us to help them recover their data and help prevent this from happening in the future.” He considers Silo one of the most important tools in SNT’s arsenal and plans on extending his company’s strategic partnership with Authentic8 to support future projects.
