Christiaan Beek

Christiaan Beek, lead scientist & sr. principal engineer is part of Mcafee’s Office of the CTO leading strategic threat intelligence research within Mcafee. He coordinates and leads passionately the research in advanced attacks, plays a key-role in cyberattack take-down operations and participates in the NoMoreRansom project. In previous roles, Beek was Director of Threat Intelligence in McAfee Labs and Director of Incident Response and Forensics at Foundstone, McAfee’s forensic services arm. At Foundstone, he led a team of forensic specialists in Europe, the Middle East, and Africa during major breaches. Beek develops threat intelligence strategy, designs threat intelligence systems, performs malware and forensic analysis, pentesting and coaches security teams around the globe. He is a passionate cybercrime specialist who has developed training courses, workshops, and presentations. He speaks regularly at conferences, including BlackHat, RSA, BlueHat and Botconf. Besides conferences, he is also frequently teaching at universities, Police Academies and public schools to recruit, mentor and train the next generation of cyber-security specialists. Beek contributed to the best-selling security book "Hacking Exposed." and has two patents pending. Twitter: @ChristiaanBeek
For several weeks after we released the McAfee Labs Threats Report, May 2015, in which we discussed the topic of ransomware in depth, we frequently saw the same questions: “Why is ransomware increasing, and why is it so successful? In our report we offered a few answers to this question. We’d like to zoom in ...
Read Blog
We have seen an increasing amount of articles published about the “Dark Web,” underground cybercriminal sites that are hosted on hidden servers and can be accessed only by using Tor. One example of a Dark Web site hosted on one of these “.onion” domains was the Silk Road, a site infamous for the buying and ...
Read Blog
By Raj Samani (@Raj_Samani) and Christiaan Beek (@ChristiaanBeek) In the McAfee Labs Threats Report published in November 2014, Senior Vice President Vincent Weafer commented that 2014 will be remembered as “the year of shaken trust.” Indeed almost every threat measured saw notable increases in Q3 that pointed to a rather ominous 2015.  There was, however, ...
Read Blog
Targeted attacks have several stages, sometimes called the APT kill chain. At McAfee Labs we prefer the model described by Lockheed Martin: As part of the weaponizing phase, attackers often put a payload into a file that, once installed, will connect in the C2 (command and control) phase to the attacker. A very common payload ...
Read Blog
During recent weeks we’ve seen a new botnet kit advertised in several Russian forums. The iDroidbot costs US$1,500 and targets phones running iOS 7.1 and earlier, as well as Android 2.2 and later. The kit has some interesting features, including a credit-card number grabber and a method for draining mobile wallets. According to the developer, ...
Read Blog
In McAfee Labs we keep a close eye on the Zeus/Zbot/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following graph shows the total number of Zbot samples submitted to McAfee Labs in recent months. For a couple of weeks, McAfee Labs has followed a global Zbot campaign, in ...
Read Blog
Talking with customers during the past few months, the key topics and questions we heard were all about targeted attacks, threat intelligence, and security information and event management (SIEM). However, there seems be a myth that “once we have SIEM, we will have visibility into threats”—as if SIEM will give us all the answers. To ...
Read Blog