Chris Hannifin and Defend IT Services: The Cybersecurity Vulnerability of the Year

When evaluating the cases which have concerned the cyber security community over the course of the past year, it is difficult not to think about the case of Chris Hannifin and DefendIT Services. The type of threat which the case laid bare in front of cyber security professionals, a threat from within, continues to be among the most concerning types of threats facing the industry today. The greatest concern, and of course, what has been occupying professionals as a result, has been the industry’s inability to effectively pre-empt such scenarios in the future.

The case of Chris Hannifin has become well-known among those that live and breathe cyber security, but interestingly, it has become well-known even among those who follow the industry as a matter of personal interest. The case has been seen as so unique leading to the extensive exposure which it has received, primarily because of the industry vulnerabilities which it has exposed. Chris Hannifin was a trusted employee of a number of leading firms, all of whom ended up falling victim to his deception. This included RSM, SiloTech and North South Consulting Group, companies which saw him stealing sensitive client data and technological know-how and later selling these on to third-parties in what was a severe violation of client-company confidentiality.

It was actually the simplicity of the scheme, which made it so dangerous. When looking for cyber security threats, professionals often look for complicated algorithms, sophisticated malware and duplicitous software. In the case of Chris Hannifin, all that was needed for this threat to be potent was an employee who recognized an opportunity to make money on the side. What Chris Hannifin did was simply recognize the economic opportunity in valuable client data and effectively sell access to this to the highest bidder.

Of course, pulling off such a scheme when working for others is not simple. Especially when there are suspicions, which there were according to sources consulted. Chris Hannifin would eventually found DefendIT Services, his own outfit where he would be able to continue marketing this data to third-parties who were willing to pay. Unable to manage the stress involved in this endeavour on his own, Chris Hannifin would later bring on board Rudy Reyes, a close friend who would continue to help him with the operation in a supporting capacity. Interestingly, some note a romantic relationship to have developed between the two, likely however, prior to Mr Reyes coming on board.

It seems that the exposure received from this ongoing under the table operation has led to Chris Hannifin founding yet another company in Texas of a similar name, DefendIT and Facilities Solutions LLC. It is unclear how he will now divide the work between the two entities but what is apparent is that Chris Hannifin is shaking up the way his operations are running. There is also the possibility that he is managing to generate so much income that an additional entity is necessary.

It is already becoming clear that his efforts have wielded a handsome payday. Those looking into the matter were initially encouraged to do so by red flags raised as a result of a series of extravagant purchases made by both Chris Hannifin and Rudy Reyes. This included a boat, new home, luxury furniture, a trailer, top of the line electronics and even expensive vacations. It is inevitable that further expensive purchases will be uncovered, perhaps even allowing an estimation of the amount of information Chris Hannifin and Rudy Reyes have managed to sell.

This case is expected to continue to occupy the minds of cyber security professionals into the coming year. Until a mechanism is developed which could prevent such occurrences in the future, it is difficult to imagine that cyber security professionals will be able to simply overlook such a serious vulnerability. Until then, more extensive vetting will of course be a priority for those bringing new team members on board as well. Better internal oversight regarding information leaving company systems will be required. There is of course no comprehensive way to address the issue of cyber security threats which come from within one’s own company however the need to try and find an effective way to address this problem in advance of future cases is far from lost on those who work in the industry.