Ex-Anonymous hacktivist offers advice to stop hackers

SparkyBlaze, whose real identity is not known, explained that he left Anonymous because he was “fed up with anon putting people’s data online and then claiming to be the big heroes,” according to the interview posted on the Cisco Security blog.

The ex-hacktivist offered the following information security advice to companies: deploy defense-in-depth; use a strict information security policy; have regular audits of your security by an outside firm; use intrusion detection software or an intrusion prevention system; teach your staff about information security and social engineering; keep your software and hardware up to date; watch security sites for news on computer security and learn what the new attacks are; get good system administrators who understand security; encrypt your data; use spam filters; keep an eye on what information you are letting out into the public domain; and use good physical security.

At the same time, he lamented that companies do not want to spend time and money on information security “because they don’t think it matters.” He added that companies do not train their staff about information security. “The problem isn’t the software/hardware being used…it is the people using it.”

SparkyBlaze advised young people who are interested in working in information security to “stay away from black hat hacking.” He said that white hat hacking “is a lot more fun, you get paid for it, [and] it is legal.”

The ex-Anonymous member warned that social engineering is the biggest information security issue today. “We have the software/hardware to defend buffer overflows, malware, DDoS and code execution. But what good is that if you can get someone to give you their password or turn off the firewall because you say you are Greg from computer maintenance just doing testing?” SparkyBlaze observed.
