Hacker turned cyber security expert Gregory D. Evans on quest to make computers safe

by Shamontiel L. Vaughn

Wednesday, September 2, 2009

http://www.chicagodefender.com/article-6297-hacker-turned-cyber-security-expert-gregory-d-evans-on-quest-to-make-computers-safe.html

Gregory D. Evans claims the FBI put him in their top 10 list for computer hackers in 1996. And while this 40-year-old entrepreneur talks proudly of his self-taught adventures hacking into computers since seventh grade and changing peoples. grades for money, breaking into law firm and phone company records, he made it into a business for 20 years that ended in him owing back millions of dollars. However, Evans is now working on computers the legal way. He is the CEO and founder of LIGATT Security since 2003, after selling off another computer security company, The Cyber Group Network Corporation, that specialized in recovering stolen computers in 2002. He.s been featured on countless media outlets like Michael Baisden's and Tom Joyner's radio show and FOX News.

The FBI has never maintained a wanted list 'for computer hackers'. His previous company Cyber Group Network Corporation only left a footprint of self promoting press releases, nothing of substance.

In his quest to save people from worldwide computer security issues and identity theft, Evans took time out to speak with the Defender.

Defender: What made you go the honest route and stop being a hacker?

Gregory D. Evans: The thing is my dad knew that I was hacking. He used to always say when I was younger, .If you could do what you.re doing legally, you could probably make a lot of money from it.. My thing was I.m already making a lot of money. You see all these rappers out here driving Bentleys and Lambos. I had all that when I was 20 years old because of computer hacking. It may not be as glamorous, but once you get in trouble, then you sit back and reflect on your life. So now I.m with a publicly traded company, and yes, I live very well.

I'm sure he could show some proof of owning nice cars, nice houses or pictures of his 'rapper-like' lifestyle at age 20, all on the back of his "profitable hacking" activity.

Defender: You seem so passionate about computer security and identity theft, even when you used to be a hacker. What made you go from one extreme to the next?

Evans: African-Americans, we don.t get it. Ninety percent of my business is white. The other 7 percent is Asian. African-Americans make up one percent of my business, and that.s the rich ones.big lawyers will have me protect their computers. We always open our newspapers and listen to gossip.Chris Brown and Rihanna. But do we really have a section to tell us how to protect ourselves from identity theft? We get ripped off more than any other race in identity theft because.we don.t check our credit on a regular basis. A lot of African-Americans feel like .You know, my credit is messed up already. What do I need to run it for?.

Playing the race card to get ahead? If he had skills and real knowledge, race wouldn't matter. Plenty of other African-American security consultants can confirm that.

Defender: Do you ever think that some African-Americans may have the attitude that hackers go to rich, white folks because of their credit? What other reason would an African-American have their identity stolen?

Evans: Identity theft is not just financial. It.s medical. Also, Black mega churches are vulnerable. I am able right now to walk into any Black mega church out there. Churches will go out and have financial audits done because they have to, but they don.t have computer security audits done. When you go to these mega churches now, you can pay your tithes with a credit card or debit card. When they.re passing the plate around, they.ll have undercover security guards or police officers who are watching all the money being collected. They collect all this money, put it in the bag, take it in the sack, throw all the money out, separate the cash from the checks and the credit cards. They.ll put everybody.s credit card information in the computer.what security do you have when you.re running those cards? They.ll say .We subcontract with another company,. but you don.t know anything about these other companies.

Defender: What is your price range (to secure computers)? What is the least expensive and the most expensive?

Evans: (LIGATT Security) came out with the site crime defense card. You can have a doggone audit done on your network from the outside where you can become a hacker and try to get into your own system.you don.t even have to hire us.but it would cost you less than $100 to use our services. Now if you wanted us to give you the Cybertron Defense card, which is the exact same work we would do, normally we.ll charge between $25 and $75 per computer. Now that.s not a lot of money when the pastor is walking around with more bodyguards than rappers and driving Bentleys and everything else.

Wait, people pay him to do his job for him, at a lower price than he offers to do the work himself? How can anyone think that is rational. "Well, you can fix your car for pennies on the dollar, or you can pay me and my shop to do it since you drove here to begin with."

Defender: Why do you think that people don.t pay as much attention to cyber security?

Evans: Because we don.t think it affects us. We don.t think that we can become victims. Really it.s a faceless crime. When you get off work, your door is kicked in, your windows are broken, your furniture is turned over, you go into the bedroom, you see the cash and the checkbook you left on the dresser is gone. You look in your files, you see your credit report. Somebody stole your credit report. It.s gone. So you know you.ve been a victim of a crime. You call the police, they come out and they investigate. But, God forbid again, you go home this evening, everything looks great. You go into the house, have dinner, grab you some coffee, sit in front of your computer. You start doing your online banking, and little do you know there are hackers in your computer system stealing that same information.

Defender: What do you say to the everyday man who just bought a computer, got the firewall, got the antivirus program, and you think you.ve gone about protecting your computer the right way, and a hacker gets into the computer anyway, what else can I do? Should they hire a hacker every year?

Evans: That.s why we came out with the Cybertron Defense card. You can scan your own computer to see if a hacker can get into it. You don.t need to know anything about computers to use it, and if a hacker can.t get in, you don.t pay for it. We don.t charge you. There.s no software to download. No training needed. In less than 10 minutes, you can find out if a hacker can get into your system. If you went out and you bought all of this and a hacker still gets into your machine, what.s the difference between that and when you go out and sign contracts with ADT alarms or you went out and got yourself a pit bull or you moved into the right neighborhood or you put up a big fence around your house or you got security cameras and somebody still broke in?

Defender: What about the paranoid crew that thinks that by downloading your program you now have access to their computer? How do you assure them that it.s not a scheme to break into their computers?

Evans: There is nothing to download. I don.t care if you got a Mac, PC, whatever browser you.re using. You just go to the Web site from your computer that you want to test out, it.ll show you your IP address and it.ll start scanning your computer as a hacker would to see if you have any vulnerability, which will allow hackers to come in. It puts it together in a report form, tells you how you can plug it up. You can try to fix the vulnerabilities yourself.

So does he use Nessus or Qualys to perform this 'service'?

Defender: How would one know the difference between (your program) if it looks like Spyware with that little detective?

Evans: Spyware has to be installed on your machine, and that.s why you get those pop-ups. Those pop-ups come up from some Web site that you.re going to. It.s already installed on your machine. You only get those pop-ups when you.re surfing the Internet, it.s called ad ware. Those little ads say you have a virus, click here, and when you click there it takes you to a Web site most of the time so you can purchase some software. But if you have Spyware on your machine, which everybody is going to get at some time, there.s a bunch of ways to get it. Every time somebody sends you a chain letter that says, .God loves you. And if you love God, forward this to 10 friends and the person who sent it to you,. and you see all these email addresses that go along with the email, well, most likely somebody with an email mixed in with 100s of others is the spy guy. What he.s doing is collecting all the email addresses of your friends and their friends and their friends. It.ll just keep collecting. (The hacker) will get your email address, posing as you and send you an email to download something. You think you got an email from a friend and you downloaded Spyware onto your machine.

Least..effective..attack..ever. This is not the purpose of chain letters. In today's world, attackers don't need chain letters or collecting e-mail addresses to compromise tens of thousands of computers.

Defender: Give me the top three biggest mistakes that computer users do that you wish they.d cut out.

Evans: 1) You buy a computer. Nine times out of 10, it comes with either Norton or McAfee. It has the firewall and anti-spyware on your machine, and you.re like, .I.m protected.. But what you didn.t realize was that was only a trial version. In 60 days, 90 days, 1 year, it.ll expire. And when it expires, you have to turn around and renew. What most of us do when it keeps popping up on the screen saying .Do you want to renew?. we don.t feel like pulling out our credit cards or don.t have the money. When we don.t renew, we.re not protected from all the new viruses in spyware that came out that day. Everyday there.s always new threats that come out.

2) We should always have a secondary email address with a different password. Most of us do, but we.ll go to a Web site, sign up for a service to subscribe to it. We.ll use our real email address, and we.ll also use the password that goes to our real email address. So when you go to these Web sites and you.re signing up, these people will go and see that you have a Yahoo or an email account, go to your email site, type in your email address and type in that same password that you used at their Web site. Next thing you know, they.ll go right into your system.and check all your emails and you don.t even realize it.

3) Most of us have laptops these days, and we go to our cars. A lot of times people will take their laptop and put it on the backseat of their cars and drive off. I don.t care who you are, what type of vehicle you have, you should always put your laptop in the trunk of a car. Reason why is on your way home, even though your intentions are to go straight home, you just remembered you needed something for the house and you.re only going to run in for a minute. That.s all it takes is a minute. And once someone steals your computer, everything you.ve done is still on that hard drive even though you emptied the waste basket. It would take me less than five seconds to bring up everything on that hard drive.credit cards, chats, emails, everything is still on that hard drive. We should password protect our computers too. When a computer comes on, you should have to type in a password. If you don.t use your computer within 10 to 15 minutes, it should go into a screensaver and ask for a password. Make it harder for the next person.


main page ATTRITION feedback