Sean Bodmer: A Tale of Two Hats

Black and white: a tale of two hats
Black and white: a tale of two hats

Sean Bodmer’s professional resume includes leading intrusion analysis initiatives for the DoD and other Federal agencies, and leading the analysis of observable traits and effects of crimeware for a number of Fortune 100 organizations. But it could have been a very different story.

In high school, Bodmer was bullied every day and “got behind a computer” as a coping mechanism. At the age of 11, he started hacking.

“When I was 18 or 19 I got dumped with a load of legal requirements and decided to switch sides. I thought, do I want to be looking over my shoulder for the rest of my life as a millionaire living in a foreign country, or do I want to do this legitimately and help the world by doing something with my mind?” Needless to say, he chose the latter. Now happy at CounterTack with an impressive resume in his pocket, Bodmer has long hung up his black hat.

In fact, Bodmer’s desire to ‘give back’ goes beyond working as a white hat. He volunteers, mentoring people and speaking at local high schools and colleges to help others. “Well I came from nothing so…”, Bodmer tailed off.

But how does Bodmer cope with the corporate world, with restrictions on his research and agenda? “Maybe 10 years ago the corporate market was restrictive in terms of research. But CounterTack see the latitude in letting me go off for a month or two and research stuff.”

So is that why he chose CounterTack to work for? “That, and the real-time element of CounterTack attracted me. It’s exciting to see this data in real time – it’s sexy work”, he said.

When asked how he prioritises research projects and sets an agenda, he smiles. “I write a letter at New Year every single year, detailing what I want to research that year. I also listen to people’s pain points. My research agenda changes all the time.”

Whilst Bodmer is comfortable in his white/grey hat, he is very conscious of the disadvantages that are ever-limiting his research efforts. “It’s a felony to buy tools to use for research purposes which is a huge handicap to the white hats. There is also the handicap of having to request legalities from government and insurance”, he noted.

Perhaps this is one of the reasons that Bodmer believes White Hats are losing. “I think of security technology as a brick, and the security industry is building a huge wall but the bad guys are still getting over it.”

“It’s a myriad of people spending too much [on cyber security technology], too little or just in the wrong places. People are buying more bricks, but they’re buying the wrong bricks.”

As APTs give way to OPTs – Organized Persistent Threats – attack methods may be changing, but the actual vector remains the same”, said Bodmer. “Malware is still being repackaged and redistributed. Poison Ivy is over a decade old.”

Despite the same old tactics, the defence is still falling victim. “One of the best things that has happened [for the white hat community] is the malware author drive being leaked. That gave amazing insight into black hat methodologies”, Bodmer grinned. “We’ve made some good arrests, but not enough.”

You can learn more about Sean Bodmer’s research at


What’s hot on Infosecurity Magazine?