Jeffrey Carr


Jeffrey Carr is a cybersecurity author, researcher, entrepreneur and consultant, who focuses on cyber warfare.

Career

In 2008, Carr founded Project Grey Goose, a crowd-sourced open-source intelligence effort to attribute major cyber attacks. The Project soliticited the expertise of vetted volunteers, while seeking to filter out non-experts and cyber criminals. The Project's first area of research was the campaign of cyberattacks during the Russo-Georgian War.
In 2011, Carr created the Suits and Spooks conference series, which offered a private forum for intelligence veterans to meet with technologists, academics, hackers, and business executives. The forum was acquired by Wired Business Media in 2014.
Carr was the founder of now-defunct cybersecurity firms Taia Global Ltd and GreyLogic. He later wrote about the lessons he gained from their failures.
Carr has lectured on cybersecurity issues at the Defense Intelligence Agency, U.S. Army War College, Air Force Institute of Technology, NATO’s CCDCOE Conference on Cyber Conflict, and DEF CON.

Writing and research

He is the author of Inside Cyber Warfare: Mapping the Cyber Underworld, which analyzed cyber conflicts from 2002 until 2009. In Cyber Warfare, Carr argued that international cyber attacks are predominantly deployed by non-state actors, who are sometimes encouraged and tolerated by state entities. Alternately, as Carr later told The Christian Science Monitor, it is private IT infrastructure, rather than government policy, that lies at the heart of US vulnerability to international cyber attacks.
Jeffrey Carr has blogged about cyber security and warfare at Intelfusion.net and Forbes' The Firewall. Carr said he had quit The Firewall in protest, after his post on Yuri Milner's relationship to the Russian FSB was taken down by Forbes at the request of Milner's lawyer.
In March 2017, Carr stated there was growing doubt in the computer security industry regarding the narrative of Russian state sponsorship of hacks associated with the 2016 US elections. Carr stated that, because the FBI relied on forensic investigations by global cybersecurity consultancy CrowdStrike, "everyone else is relying on information they provided." Several notable competitors of CrowdStrike, including Symantec and FireEye examined the underlying data and endorsed CrowdStrike's conclusions.

Professional publications

  • “The Classification of Valuable Data in an Assumption of Breach Paradigm”, Georgetown Journal of International Affairs, March 2014
  • “The Misunderstood Acronym: Why Cyber Weapons aren’t WMD”, Bulletin of the Atomic Scientists, Sept 1, 2013, Vol, 69, No. 5, p. 3237
  • “Intelligence Preparation of the Information and Communications Environment”, Air & Space Power Journal, 2012, Vol 24, No. 3