Wesley McGrew

Wesley serves as the director of cyber operations for HORNE Cyber. Known for his work in offensive information security and cyber operations, Wesley specializes in penetration testing, network vulnerability analysis, exploit development, reverse engineering of malicious software and network traffic analysis.

Recent Posts

Jul 17, 2018 9:30:00 AM

Speaking in Vegas: DEF CON 26 & Black Hat USA 2018

Shot by Wesley McGrew in Las Vegas in 2017

The most important gathering of hackers and security professionals each year is held in the dry heat of Las Vegas’ summer. It started in 1992 with DEF CON, and has grown into a week-long series of concurrent and complementary conferences, meetings, parties, and events where information security researchers share their latest findings, practitioners network, and IT staff attend to learn about protecting their own companies’ networks. The original conference of the set, DEF CON, remains cash-only at the door—no ID required—allowing both security professionals and the hacking underground to meet with no pretense to break bread and exchange ideas. More than a little actual hacking goes on, as well.

Topics: black hat USA, DEF CON

Apr 18, 2018 9:30:00 AM

Coping with Ransomware Fatigue

Ransomware attacks have increased significantly in number and financial impact. According to the FBI, the cost of ransomware attacks in the past few years has reached into billions of dollars, with the total impact doubling each year. Ransomware attacks can be the result of widespread malicious software, like the high-profile "WannaCry" attacks, or the end-goal of very targeted attacks launched against your organization by threat actors that have compromised your servers or users' workstations.

Topics: ransomware

Mar 13, 2018 9:09:30 AM

High Expectations for Service, With Reverse Engineering

A cornerstone of a cybersecurity firm is its “reverse engineering” capability. It is a necessary part of responding to breaches and keeping up with the state of the art in threats, and it enhances the coverage of penetration testing and red-team engagements. While it separates leaders from followers in the industry, very few business stakeholders have had the opportunity to learn what “reverse engineering” means, how it can be a measure of a security service provider’s capability, and how such services can directly benefit an organization.

Topics: digital forensics, Penetration Testing, data security, cybersecurity, information security, ransomware, advanced penetration testing, incident response, Malware, Executive Insights

Jul 18, 2017 10:34:00 AM

Cybersecurity and Construction: Can a Breach Happen to Me?

As a contractor, if you think that cyber attacks “will never happen to me”, it’s time to reconsider your stance. Construction companies are an attractive target for a wide variety of cyber criminals, and the attackers are becoming more active and aggressive. Despite what you read in the news, hacking is not limited to political scandals and major retailers. It’s no longer a question of “if” you will be breached—the question is “when?”.

Topics: cybersecurity, Construction

Apr 13, 2017 10:08:00 AM

Don’t Let Cybersecurity Wag the Dog

When “the tail is wagging the dog”, you know that something has gone wrong. Priorities are not straight, and a part of the system does not understand its role. Providers of offense-oriented security services, such as penetration testing and red team engagements (which I’ve described in previous articles), often make draconian recommendations that, in pursuit of least effort, wind up impacting your ability to do business. When you get these recommendations, you should ask yourself: Is this vendor acting like a partner in my business, or are they content with it being inhibited as a result of their recommendations?

Topics: data security, cybersecurity

Mar 23, 2017 10:03:00 AM

Cyber Security for the Road Warrior

In my previous columns, I’ve been describing the benefits of having offense-oriented testing performed on your company’s network. This time around, I want to give some advice for the road warriors among you. Many of you have to travel for work, and present an attractive target to cyber criminals that want to steal trade secrets, customer information, or even infect your system in a way that puts your network at risk when you return to the office. You can, however, work on the road in a much more secure way, armed with some basic precautions and awareness.

Topics: cybersecurity

Feb 23, 2017 10:05:00 AM

Their Breach is Your Breach

When you’re catching up on the news, it’s become all too common to see stories about new breaches that have occurred, resulting in the theft of customers’ personal and financial information from businesses of all sectors. If you’re a regular reader of my column, you’ve probably gotten past the fallacy of thinking “that can’t happen to me”, but there’s still something very detached about it all. Even when you get a letter or email notifying you that your information has been stolen from an online service you use, it happens so often you have a hard time seeing the urgency.

Topics: password reuse, password security

Feb 2, 2017 10:00:00 AM

The Victims of Cyber Security Training

It’s harder than you think to identify good talent in cyber security. Whether you’re trying to fill full-time security positions within your organization, or partner with service providers and vendors that can identify vulnerabilities and help maintain resilience, there is an ocean of “get rich/smart quick” schemes that make things more difficult for you. They target up-and-coming information security professionals, and, in turn, leave you with less qualified staff and vendors.

Topics: cybersecurity training

Jan 26, 2017 10:01:00 AM

An Internet of Hackable “Things” Threatens Your Business

In this column, I try to avoid “buzz words” and jargon. Information security is complex enough without them. The security industry is overrun with companies that intend to confuse you with marketing bullet points, wrapped up as new concepts and trends, in the hopes that you will cut them a check. Meanwhile, you are the one that will bear the ultimate responsibility for risks they know you don’t understand.

Topics: IoT Security, Internet of Things

Jan 16, 2017 10:00:00 AM

Being a Compliant Victim of Cybercrime

When I discuss cybersecurity with business leaders, the most common misconception I see involves the role of security compliance. In my last column, I described the reality of cybercrime, a wild frontier of advanced attackers that can critically damage your business with impunity. In this dangerous environment, it’s important to realize that compliance alone will not protect you.

Topics: cybersecurity

Dec 16, 2016 10:03:00 AM

The Reality of Cybercrime

Computer networks have given us the ability to operate, communicate, and conduct business more easily today than ever before. It is, however, hard to imagine a more dangerous time for businesses to operate than right now. While technology has provided us with great opportunities, it has also exposed us to attacks that threaten our business operations. At no other time in history has a business stakeholder faced as many criminal threats on a daily basis as we face today.

Sep 20, 2016 9:30:00 AM

Hacking Healthcare: How to Offensively Protect Healthcare Systems

A breach of a healthcare provider can have a serious impact, both in terms of financial loss and patient confidence. HIPAA violations can involve fines of up to $50,000 per patient record, and in many cases, attackers are able to access all of a provider’s patient records. Healthcare breaches are widely covered in the news, where the court of public opinion lays blame on the targeted organization. Current and future patients may think twice, even years later, about seeking care from a provider that was portrayed negatively by the press for data loss.

Topics: Penetration Testing, healthcare security

May 10, 2016 10:00:00 AM

Buying Your Own Stolen Data

I’m becoming very used to reading about the latest “ransomware” attacks each morning when I catch up on information security news over my first cup of coffee. Malicious software (malware) authors seem to have found a successful way of making money, and unsafe, yet common, practices are enabling it. Office-wide sharing of data with security as an afterthought, and the absence of strong backup and recovery processes fuel the continued rise of ransomware. Trends point to an increase in healthcare data being held for ransom, though no one is completely safe from being targeted by ransomware.

Topics: ransomware

May 3, 2016 10:00:00 AM

Modern Cyberattacks: Tradecraft on Your Network

At the Armed Forces Communications and Electronics Association’s Defensive Cyber Operations Symposium on April 20th, DISA Director LTG Alan R. Lynn described a shift in attackers’ operations. Lynn stated that it’s become “snatch and grab” rather than following traditional intelligence techniques of using good tradecraft (the set of an attacker’s operational techniques and tools) to compromise, monitor, and accomplish the mission while avoiding detection.

Mar 15, 2016 10:00:00 AM

Securing a Mobile Workforce

Last month, our Executive Partner, Joey Havens, announced a new mobile document sharing platform for our organization. With a mantra of fearless unrivaled flexibility, we allow our employees to be more flexible with their work schedules, which usually means being more mobile as well. This new tool is also vital for our team members traveling on a daily basis. It will allow for greater productivity for mobile employees and allow us to provide our services more efficiently.

Topics: securing your data, mobility

Mar 8, 2016 10:00:00 AM

Securely Integrating the Internet of Things

Last week, members of the security industry gathered for the annual RSA Conference to discuss the latest topics in information security, from the Apple vs. FBI encryption debate to the latest innovations in security software. Perhaps one of the hottest topics at RSA this year surrounded the risks posed by devices that make up the ‘Internet of Things.’ From automated manufacturing processes to industrial control systems, all the way down to the appliances in an office breakroom, IoT technologies are changing the way businesses are operating, making systems more efficient, and allowing for greater productivity among organizations. However, with the enormous benefits of IoT come enormous security risks. 

Topics: Internet of Things

Feb 16, 2016 10:00:00 AM

Vulnerability Scans and Pen Tests: What’s the Difference? Part 3

The Internet of Things Raises Risks

Imagine if all of the multi-function printer units in your organization sent an electronic copy of every document that is scanned, copied, or printed to a remote attacker. It happens. Now imagine if someone could tap the microphones in all of your office’s conferencing equipment. It also happens – without your knowledge.

Topics: Vulnerability Scans vs Pen Tests

Feb 9, 2016 10:00:00 AM

Vulnerability Scans and Pen Tests: What’s the Difference? Part 2

As I mentioned in my previous post, there is much confusion in the cybersecurity market around vulnerability scans and penetration tests. The words are not interchangeable. They are very different in the complexity and depth of vulnerabilities that they test, in the talent required to execute them, and in the report that will ultimately be delivered.

Topics: Vulnerability Scans vs Pen Tests

Feb 2, 2016 11:00:00 AM

Vulnerability Scans and Pen Tests: What’s the Difference? Part 1

When safeguarding an organization against the threat of cybercrime, it’s important to regularly test how well your current security measures are performing. I recommend that organizations apply a regular schedule of the right tests to help them identify, prioritize and repair vulnerabilities that may threaten their security.  

Topics: Vulnerability Scans vs Pen Tests