For those of you who don’t know me yet, my name is Ryan W. Smith, and I’m thrilled to have recently joined Clutch Mobile as the lead threat engineer.
Prior to joining Clutch Mobile, I’ve spent more than 10 years as a contributor and leader in the security community. Professionally, my previous roles have included mobile threat analyst, enterprise software security consultant and government security systems R&D engineer. I am a strong believer in contributing to the “greater good” of the security community by sharing information, tools, and lessons learned to steer our globally limited resources to best protect against the threats we collectively face. To that end I’ve been a contributing member to two leading open source security organizations: The Honeynet Project and OWASP.
The Honeynet Project, whose mission is to study the tools, tactics, and motivations of the blackhat community, has particularly been an inspiration throughout my academic and professional career. I’ve been a regular speaker at Honeynet Project events over the years, the first of which was demonstrating new honeypot technologies for a DoD workshop when I was a student at The University of Texas. More recently I spoke about my research on scalable Android reverse engineering at the 2012 annual workshop in Paris, then about my research into the detection of Android malware propagating via Twitter at the 2013 workshop in Dubai. Above all, The Honeynet Project has inspired me to look beyond the data and see the bigger picture. Rather than seeing a network attack as a single, isolated incident, consider the actor behind the attack, their motivations, and other actors or resources they may be colluding with. By taking this multi-source intelligence approach, it’s possible to build a much more comprehensive model for unwanted or malicious activity and better protect end-users.
Last month I had the opportunity to speak at DEF CON, where I presented my research on the commoditization of Russian SMS fraud (performed while I was at Lookout). During this investigation I identified 10 of the top organizations distributing SMS fraud malware targeting Android. This final finding was only possible once I had identified the full supply chain of these malware organizations: affiliated registered domains, distribution endpoints, spam twitter handles, etc. By casting a wide net around these organizations and their Internet footprint, I was able to identify and block new threats before they were ever detected on a user’s device.
In my new role I will leverage this experience to ensure that Clutch Mobile continues to lead the industry in advanced mobile threat detection and mitigation. I believe Clutch Mobile is uniquely positioned, with both the technology and the team, to detect and prevent the modern mobile threats facing today’s enterprises. I’ll talk a lot more about these threats in upcoming posts, but for now suffice it to say that I’m excited and honored to be on board.