Conference Keynote: "Psychologically-Motivated Threat Actors" at OWASP AppSec D.C. 2023
Six months of research in one hour.
I'd like to express my gratitude to those who recently subscribed to my blog.
Your support not only fuels the resources necessary for my investigations but also bolsters my resolve to pursue important public interest work.
For those who stumbled upon my blog not through an email but perhaps after encountering a vitriolic tweet from someone who appears to bear animosity towards me and felt compelled to look me up, here's a bit of context. A frequent question arises: Why do certain individuals direct hostility towards me, Jackie?
The answer lies in their discomfort with being identified and exposed for their actions.
Over the past six months, I have extensively researched a case of tech-enabled abuse to unmask several criminals involved in operating a persistent, years long cyberstalking cult.
The purpose of this article is to introduce my recent Keynote presentation at the OWASP Global AppSec D.C. 2023 conference, held at the Marriott Marquis in Washington, D.C. in late October through early November of this year.
(Thank you, OWASP!)
This article, along with its associated video and slides, serves as a prelude to an upcoming series of in-depth blog posts. These posts will further explore various lingering questions in the ongoing case study of Patrick S. Tomlinson.
Patrick, a science fiction author based in Milwaukee, is not only a person of integrity and a talented writer but has also become a friend through this journey.
I shed light on the methods employed by online harassers, with a particular emphasis on the role of anonymity in empowering such behavior. A critical evaluation of the existing legal framework is also provided, highlighting its inadequacies in effectively tackling the complexities inherent in cyberstalking cases.
As the principal investigator, I offer a distinct viewpoint on conducting this intricate research. I advise against attempting to replicate these methods without professional expertise, emphasizing the crucial role of law enforcement in addressing these issues.
A key focus is an exploration of the internet's darker facets, especially a specific forum that emerged as the epicenter of Patrick's ordeal. The slides delve into the forum's structure and the collective mindset of its members, unraveling the psychological underpinnings of their aggressive campaigns.
I touch on the evidence which raises the likelihood of state involvement in cyberstalking incidents, examining the possibility of geopolitical actors providing infrastructure which explicitly supports online harassment as a means of disruption and influence while avoiding leaving their fingerprints at the crime scene.
In concluding the presentation, I wanted to pivot towards suggesting proactive measures and strategic recommendations, but ran out of time to do so on stage.
These recommendations are included more fully within the slide deck and include the need for legislative reform, corporate responsibility, and enhanced training for law enforcement, aiming to fortify defenses against cyberstalking. My advocacy for incorporating the profiles of psychologically-motivated aggressors into standard threat models is highlighted, proposing a more robust approach to cybersecurity which includes individuals affected by our technologies which lie far outside of the contexts of our respective organizational boundaries.
My keynote ultimately underscores the broader societal implications of technology-enabled abuse and the menace posed by psychologically-motivated perpetrators.
Patrick's experience, as explained in the case study, accentuates the urgent necessity for a collective response from various sectors to mitigate this growing concern.
Through this video and slides, I aim to provide an educational resource, enhance awareness, and motivate proactive engagement in addressing these challenges.
Thank you for supporting my work!