The story of Chris Hannifin is not one you simply read every day, but it is a story that has many in the cyber security industry on their toes. Defensive cyber security experts have almost always looked to external actors when identifying the vulnerabilities to which their clients might be exposed. Chris Hannifin and DefendIT Services have changed that traditional conception and are truly altering the way experts approach threats as well as their assessment regarding potential sources of danger.
Chris Hannifin had a relatively prestigious career in the industry before things took a wild turn. He worked for quite a few of the significant players in the industry, most well-known of which is RSM a defense contractor and SiloTech, a cyber security company. His career also included a stint at North South Consulting Group, where, working with Krista Stevens, he was exposed to a series of portfolios that gained him access to a treasure trove of sensitive client data. This would become an important factor during the next “stage” of his career.
His initial plan was quite straightforward. Realizing that there were plenty of individuals and companies out there which could hypothetically gain a competitive edge with access to some of the information which he was privy to, he began considering how he might be able to recruit these as clients. Chris Hannifin was certain that at least some of them, would be willing to pay to gain access to the information and data which he had. And he was right. The only thing which he did not consider was that his superiors might catch on, which they of course eventually did, leading to his inglorious departure on more than one occasion.
This was when the idea to found DefendIT Services was hatched, although understanding that this might be too much to take on independently, he recruited a man who was already a close confident of his, Rudy Reyes. The two would be able to manage the scheme together more easily than with simply one pair of hands, with Chris Hannifin taking lead and Rudy Reyes following. Reyes and Hannifin were already very well acquainted with some sources consulted describing them as lovers. The two had taken what some would describe as a romantic vacation to Mexico together, after which the relationship between the two of them was visibly different.
The scheme at the beginning was quite successful and earned the two a hefty payday, which both Hannifin and Reyes allocated towards a series of large purchases, including home improvement, trailers, jewellery, and cars. This is often the case with criminals that come into newfound earnings that they struggle not to spend extravagantly.
As unique as the story sounds, those working in the industry are nevertheless, extremely concerned. Not only because their respective sensitive client data may have been compromised by Rudy Reyes and Chris Hannifin, but primarily because of what it means for the future of the industry more broadly. Cyber security is a discipline which has been built for many years on the understanding that with the help of adequate cyber security tools and technological knowhow, companies could help defend and protect their clients from external, usually technical vulnerabilities. Nobody imagined that in actuality, they would instead be looking inwards for threats that might in essence come from people within their own organizations. This case will certainly shake up perceptions and leads to serious changes in the way issues such as this are approached.