Chris Kubecka

Chris Kubecka is an American computer security researcher and cyberwarfare specialist. In 2012, Kubecka was responsible for getting the Saudi Aramco network back up and running after it was hit by one of the world's most devastating Shamoon cyberattacks. Kubecka also helped halt a second wave of July 2009 cyberattacks against South Korea. Kubecka has worked for the US Air Force as a Loadmaster, the United States Space Command and is now CEO of HypaSec, a security firm she founded in 2015. She lives and works in the Netherlands.

Kubecka's Puerto Rican mother became a robotics programmer and lacking money for daycare would take Kubecka to work with her. Kubecka said she "fell in love with programming" when she programmed a haunted house on the screen to say "boo". She continued learning how to program but at the age of 10 got into trouble when she hacked the US Department of Justice, then "was not allowed to use computers until she was 18," after which she was recruited by the US Air Force.

In 2012, Kubecka came to prominence when Saudi Aramco's network experienced one of the worst hacks in history and she was contacted, out of the blue, to help. The Saudi Aramco network was flat and the hackers were able to roll through quickly and easily, hitting and infecting about 35,000 computers. Kubecka was contacted by a Saudi Aramco rep and asked to come to Saudi Arabia. After a brief negotiation, Kubecka put together a team of experts and went to Saudi Arabia to rebuild the large oil company's network from scratch. Facing the emergency and immediately following the hardware attack, Saudi Aramco was able to purchase 50,000 computer hard disk drives (right off the production line) during efforts to save their company and bring operations back up.

In 2014, Kubecka worked to fix an email and rootkit attack on the Royal Saudi Arabian Embassy in The Hague, Netherlands. The first phase of the attack was caused by a weak email password of 123456 used on the official business embassy email. An Embassy insider and ISIS collaborator attempted to extort money from several Saudi citizens Prince Mohammed bin Nawwaf bin Abdulaziz and Dr. Sumaya Alyusuf and the Royal Saudi Arabian Embassy of The Hague. During the second phase of the attack, the insider sent an extortion demand of 25,000 USD each from several Middle Eastern and Turkish Embassies. The third phase of the attack was caused by the Diplomatic Corps sending a warning notification to all The Hague embassies via email using CC not BCC, exposing the other official embassy email accounts to the attacker. During the fourth phase of the attack, the insider taunted the Diplomatic Corps, The Hague embassies and hacked into the Secretary to the Ambassador of Saudi Arabia, The Netherlands personal Gmail account. The attacker rose the extortion demand to $35,000,000. Later raising it to $50,000,000 or ISIS would destroy the Kurhaus of Scheveningen during planned National Saudi Day celebrations to which over 400 dignitaries had been invited.

After the Shamoon attack and Dutch Embassy hacks, Saudi Arabia and Saudi Aramco made security a top priority. Stanford University signed an MoU (memorandum of understanding) with one of the security colleges of Saudi Arabia in 2018.

She worked for Saudi Aramco until mid-2015 when she founded HypaSec. Kubecka is considered an expert on cyberwarfare and presents at trainings and conferences on cyber espionage, security information and event management, Industrial Control Systems Supervisory Control and Data Acquisition (ICS SCADA), IT and IOT security topics. Kubecka was the keynote speaker at Security BSides security conference in London in 2017 and a featured speaker at OWASP's Global AppSec Amsterdam 2019.

• Down the Rabbit Hole An OSINT Journey: Open Source Intelligence Gathering for Penetration Testing (2017) ISBN 978-0-9956875-4-7
• Hack the World with OSINT. Learn how to discover and exploit IT, IOT and ICS SCADA systems with ease (2019) ISBN 978-0-9956875-9-2