Observations from the digital trenches

October 26, 2020 | Geoff Mefford
Geoff Mefford

Geoff Mefford

Geoff is a highly accomplished Cyber Security Practitioner based in Annapolis, MD with 25 years of experience leading computer-security operations for multiple U.S. Government Agencies and large corporations. This expertise includes performing Computer Network Exploitation (CNE) operations for the National Security Agency, and defense of large, multi-layered networks at JP Morgan Chase and the Internal Revenue Service while working in their respective Security Operation Centers (SOC). During his 20 years in the United States Air Force, he conducted highly-complex offensive hacking operations on behalf of the National Security Agency and DoD. He led several projects focused on creating efficient operational processes to hunt for malicious cyber actors and determine what known or unknown vulnerabilities were used to gain access. He has created policy and procedures to contain the damage, prevent further acts, and manage crisis action teams.

Geoff’s unique experience allows him to translate highly complex cyber-security issues and present solutions to any company audience; c-suite leadership, focused management teams, or engineers tasked with defending. Lastly, he understands the challenges and goals of a malicious cyber organization as they try and penetrate networks for either profit or to satisfy Nation State objectives.

October 26, 2020 | Geoff Mefford

Observations from the digital trenches

When AT&T Incident Response Consultants first engage a client during a ransomware incident, the situation is often very chaotic. The client's ability to conduct business has stopped; critical services are not online, and its reputation is being damaged. Usually, this is the first time a client has suffered an outage of such magnitude. Employees may wrongly fear…

June 30, 2020 | Geoff Mefford

Ransomware observations

AT&T’s Digital Forensic Incident Response (DFIR) team has been observing cybercriminal organizations steadily increase their ransomware capabilities over the last few years.  We have seen ransomware grow in sophistication and capability at a rapid pace.  So rapidly in fact, that each investigation shows a new tactic or change in the binary program responsible for…