Tribe of Hackers Spotlight: Lesley Carhart
Lesley Carhart (GCIH, GREM, GCFA, GPEN, B.S. Network Technologies, DePaul University) is an 18-year IT industry veteran, including nine years in information security (specifically, digital forensics and incident response).
She speaks and writes about digital forensics and incident response, OSINT, and information security careers. She is highly involved in the Chicagoland information security community and is staff at Circle City Con in Indianapolis. Lesley is currently the Principal Threat Hunter at Dragos, Inc.
In her free time, Lesley studies three martial arts, is a competitive pistol marksman, and is generally an all-around huge geek.
Don’t know what the Tribe of Hackers is? Check it out here!
What is your specialty in cybersecurity? How can others gain expertise in your specialty?
My specialty is digital forensics and incident response, specifically in response to targeted attacks. I investigate incidents of human intrusion into networks—often state-sponsored actors.
This entails collecting system, network, and malware forensic evidence; processing it or routing it to specialist teams; creating detailed timelines of attacker activity; coordinating incident response activity across security and business teams; and then producing a comprehensive report that explains what happened, when, how it happened, and how similar activity can be prevented in the future.
Does this type of detailed detective work appeal to you? I suggest getting your start as an analyst in a security operations center where you’ll gain exposure to the many different niches of security we utilize and coordinate during incident response. You’ll want to beef up on disk, network, and memory forensics; live and static malware analysis; as well as trawling through gigabytes of logs.
What is your favorite hacker movie?
Oh man. So many fictional movies I love that are ostensibly about hacking really have little to do with hacking at all. If you enjoy documentaries, The KGB, the Computer, and Me is a fascinating story, albeit one told better in the book The Cuckoo’s Egg. In terms of fiction, I still love the movie Sneakers.
There are a number of recent TV shows which have represented hacking and hacking culture far better than films, such as Mr. Robot and Halt and Catch Fire.
What is the biggest mistake you’ve ever made, and how did you recover from it?
Many years ago, while working as a telecom tech, I got sent to a mine in the Arctic Circle with a replacement router in the dead of winter. It was a spontaneous, last-minute fix for a critical failure in poor conditions, and I didn’t check my gear properly. After a bizarre journey by prop plane and hitchhiking in the dark, and entering the mine with no cell phone service, I realized that my console cable didn’t work—I had traveled across an ice sheet in the dark, I was totally alone, and I couldn’t connect to and configure the router.
I ended up building a server out of parts in the telecom closet of the mine. They never knew.
Hopefully, they never read this book.
To read all of Lesley’s answers, sign up for our email list on the right and be the first to know when Tribe of Hackers is released.
Check out some of our other Breach and Attack Simulation and cybersecurity content while you’re at it:
- What is Breach and Attack Simulation?
- Tribe of Hackers Spotlight: Wendy Nather
- Tribe of Hackers Spotlight: Jayson E. Street