Category: Threat Seeker

Name: Allison Nixon

Title: Director of Security Research

Company: Flashpoint

Why Nominated: A proponent of collaboration who led an investigatory team working with Akamai and Dyn, Allison Nixon helped confirm the participation of a Mirai botnet in the (DDoS) attacks against Dyn DNS. Her work as a threat-seeker has made her a sought-after background source on the post-breach issue of “whodunnit?”

Profile: In late 2016, on the hunt for the origins and perpetrators of the distributed denial of service (DDoS) attacks against Dyn DNS that took down major websites nationwide, Nixon not only helped confirm the participation of a Mirai botnet in the attacks but also found that in many cases, the attackers’ devices of choice were digital video recorders (DVRs), which contained IoT vulnerabilities that could be exploited to marshal devices into the botnet.

Her continued research became essential to the ongoing law enforcement effort that yielded indictments against three of the botnet’s operators and creators, revealed by the Justice Department in December 2017. Allison has been extremely vocal about how the Mirai attacks of 2016 were a “wake-up call for the security industry” that signified the need for more collaboration among researchers.

Referring to the attacks as a “wake-up call for the security industry,” Nixon has called for greater collaboration among security researchers, pointing to how researchers working in concert were able to get to the bottom of the Dyn DNS attacks. “Different players in the industry started to take notice, and a bunch of us realized that we needed to deal with this thing because if we didn’t it would just keep getting bigger and rampaging around,” she said.

So it wasn’t surprising that in August 2017 Nixon found herself a member of another team of researchers from Akamai, Cloudflare, Flashpoint, Google, Oracle Dyn, RiskIQ, and Team Cymru, probing a series of ongoing DDoS attacks that led to the neutralization of the WireX botnet.

What Colleagues Say: “[Nixon] never leaves any stone unturned during an investigation and always seeks to do what is right for the community in the long term. Her dedication, innovation and contributions to combating threats such as swatting, booters, and the malicious communities and individuals that surround them has revolutionized the space… She has not only blazed trails for the entire community, but she’s also helped open the doors for women in a very male-dominated space… She has never once settled for ‘good enough’ or anything less than her best and always seeks to do what is right and just.”

Zach Wikholm, Research Developer, Flashpoint