December 14, 2015
Cybersecurity researcher Peter Kruse, founder of CSIS Security Group in Denmark, thought his mother was calling. Her number appeared on his phone, but when he answered, it wasn’t her. Instead, a male voice told him to stop what he was doing as a computer expert.
“They checked my family members,” he said, referring to his anonymous tormenters. “They did their homework.”
Security researcher Costin Raiu at Kaspersky Lab in Romania has a similar story. While he was analyzing Stuxnet, a worm written by the US and Israel and considered to be the first cyber weapon, someone broke into his house.
The intruder left behind a decision cube—a rubber die inscribed with conclusions like “yes,” “no,” “maybe”—on his living room table with the message “take a break” facing up.
These stories of being threatened are common throughout the tight-knit community of high-profile cybersecurity researchers, but few are willing to share them openly.
“If you are engaged in tracking cybercriminals, in research, you have to be really careful about your surroundings, your family, the people around you,” said Righard Zwienenberg, ESET security expert. “People doing this kind of research take the risk knowingly and willingly.”