LIGATT’s Evans Strikes Back

Gregory Evans, the CEO of LIGATT Security, is not taking the criticism heaped upon himself and his firm or his latest book lying down. Yesterday he posted a pair of videos on “National Cyber Security”, a web site under the LIGATT umbrella, as part of an article written by a “Seria Mullen”, News Researcher at LIGATT Security in which he puts forth that security professionals Chris John Riley and Ben Rothke are motivated by racism.

Seria Mullen?

Let’s start with the article’s author. Geoff Belknap’s research points out quickly that the Seria Mullen who wrote this less than eloquent article bears a striking resemblance to (actual person) Knox News reporter Chloe White Kennedy.

You decide:

Article on Computer Nerds by Seria Mullen.


Knox Reporter Chloe Kennedy?


Separated at birth perhaps?

News Stories?

It doesn’t take a brain surgeon to figure out that what are being presented as original articles by the mysterious doppelganger Ms. Mullen are just lifted directly from other places:

Homeland Security Newswire Story.


Story on LIGATT's National Cybersecurity.


Video – Part 1

On to the two videos: http://www.nationalcybersecurity.com/articles/441/1/How-Can-Computer-Nerds-Be-Racist/Page1.html.

Evans starts by going after security professionals Ben Rothke, who performed a careful analysis of the plagiarized material in “How to Become the World’s Number 1 Hacker”, and Chris Riley who played a part in a fairly respectful interview of Evans on a podcast released yesterday, and whom Evans threatened harm to for some reason, potentially identity confusion.

For some reason he drones on about Kevin Mitnick, and suggests that the current security industry worships the work Mitnick did. He suggests in the video that Kevin Mitnick came to him for advice on the deal being offered him by the government while the two were incarcerated together.

This was quickly refuted by Mitnick himself:

Pretty unambiguous.


At 11 minutes in he has still not referenced the plagiarism, ostensibly the reason for making the video response. The next minute is spent discussing how much money he made and help he states having given to the community.

Video – Part 2

Evans finally decides to address the plagiarism issue in part two, wait, no he’s not.

Minute one walks through the media companies he has bamboozled into putting him on television. For some reason he equates his exposure to what he appears to put forth as a “right” to plagiarize the material of people he feels are less well known. He proceeds to discuss contracts held with two professional sports franchises, the Atlanta Hawks and Atlanta Thrashers; however, the contract shown appears to be with Arena Sports Marketing, LLC. The Chief Sales Officer of Atlanta Spirit LLC (parent company of the Thrashers) asserts that LIGATT has never provided “services for the Hawks, Thrashers, or Philips Arena”.

E-mails Regarding the Sports Teams

Ben Rothke took the time to verify his findings on this claim with representatives of the two sports teams:

From: Ben Rothke
To: White, Tracy; Penningroth, Ailey
Sent: Sun Jun 13 10:14:13 2010
Subject: Is LIGATT Security in fact the official cyber security provider of the Atlanta Hawks?

Greetings,

I wrote a book review of *How To Become The Worlds No. 1 Hacker* -

https://365.rsaconference.com/blogs/securityreading/2010/06/10/how-to-become-the-worlds-no-1-hacker.

The book is nearly a complete work of plagiarism.

In the book, the author states that LIGATT is the official cyber security
provider of the Atlanta Hawks. I attached an excerpt of the book which
highlights that.

Note that the also says he is the official cyber security provider of
Phillips Arena and the Atlanta Thrashers.

Can you tell me if that claim is correct?

Thanks,

Ben

To which he received the following replies:

On Sun, Jun 13, 2010 at 10:39 AM, White, Tracy <
[email protected]> wrote:

That claim is not accurate. We are aware that he has made these statements
but they are not accurate.
From: White, Tracy 
Date: Sun, Jun 13, 2010 at 11:32 AM
Subject: Re: Is LIGATT Security in fact the official cyber security provider of the Atlanta Hawks?
To: Ben Rothke
Cc: "Penningroth, Ailey", "Wilkinson, Scott" 

Ben - yes, you're correct....Ligatt doesn't provide (nor have they ever
provided) services for the Hawks, Thrashers or Philips Arena.

Partial cut of a contract provided by Evans references a marketing company, not the teams.


Continuing…

I passed out until 4:26, but there was a lot of bragging about something.

He discusses his twitter program, Learn to Hack in 15 Minutes, for which he issued a press release on May 5th. The video cuts out, and then comes back to his discussion of a teacher teaching from a text book that the teacher didn’t write. In the podcast yesterday he references the fact that a preacher will read from the Bible, but did not actually write the Bible. His overall stance appears to be that he never said he would be writing his own content as opposed to taking content from other people and therefore copying the content verbatim in his social media campaign is therefore okay. He is “taking a little here” and combining it for laypeople, which according to him is why he makes one million plus a year.

He goes on to explain that the books are not written for a security audience with various metaphors. He discusses that Chris John Riley is a joke to him (again no one is sure why or the basis for his animosity). The video cuts in and out in this part where obvious edits have been made. He insults education, and calls his audience computer nerds. He makes some references to celebrities.

We are now at 19 minutes and the plagiarism charges, the reported reason for the videos, have not been addressed.

He goes on to reference Jobs, Gates, and Dell as people who, like himself, understand both the business “and computers”.

At 11:49 in video two the discussion of plagiarism finally begins: “I wrote 60% of my book.” The analysis does not support this, there are a number of chapters with 90% similarity rates to previously published work per the iThenticate tool analysis run by Rothke. Evans stated he put out a call for “ghost writers” to which he received “stacks and stacks of information”. He states that the actual authors of the work accepted a flat fee in exchange for signing away full rights to the created work, signing a release and confidentiality agreement. He claims the “people who wrote the stuff” aren’t calling him, or “posting to your board” that their authored works were taken. His claim is that they are not doing this because they signed both a release and a confidentiality agreement. The video cuts out at 13:47 while he is still talking.

Refuting the Paid Authorship Claim

This is done fairly quickly via an example. Below find a page from the book How To Become The Worlds No. 1 Hacker:

Page from #1 Hacker Book.


Now let’s look at a section of the article MS Terminal Server Cracking on ethicalhacker.net:

Article on ethicalhacker.net.


Notice any similarities? Right down to forgetting to remove the name chrisgates on the command prompt, they’re the same.

So its a straight copy, but maybe Chris Gates was paid as Greg suggested, and elected to “sign a release”. Again, easily checked:

Where's my money?


Maybe the check is in the mail?

Finally

This many acts of taking another person’s work without attribution would not have made it past most publishing houses. But with that said, I can’t find another book that’s been published by “Cyber Crime Media”. This mostly nonsense, ham-fisted defense of his actions is amusing on some levels, although probably not for the two real security professionals he is lobbing unsupported accusations at.

Anyhow, we’re sick of the chicanery.

We know, two posts now on the LIGATT story line. It’s like a car accident we can’t look away from. We’ll promise to get back on something more important soon.

References

Filed Under: Industrial Complex

Tags: ,

Comments (32)

Trackback URL | Comments RSS Feed

  1. LonerVamp says:

    I’m still digesting this, but wow! Just wow. Last night I watched those videos and became very convinced of a few things. (I tried looking up that Seria Mullen as well and got zero…props to Belknap for that find! Seriously, if you’re going to steal an image of someone, dig deeper than another journalist!! Troll myspace avatars or…anything!)

    1. The guy is an in-your-face speaker which does get you places, but unfortunately I think he’s buying his own BS. (How are you such a ‘player’ in the cyber security space but know nothing of the industry and the real players? Probably because he only interacts with people who know even less than him…)

    2. He commits many common logical and rhetorical sins. He talks confidently, but any below-the-surface analysis of his tirades and discussion reveal that he’s really saying absolutely nothing that makes sense.

    3. I don’t doubt he’s making some money. But I think it’s not in computer security. He’s borderline fraud, and I wouldn’t be surprised if he and his company are very similar to a chop shop or other firm that just does anything it can to make money, legal or illegal, and almost all of it low-grade quality stuff like a Junior Achievement project. Like making t-shirts. Or android apps. Probably delivering spyware. Domains that just drive ad hits. Stolen material and books. Workshops marketed to idiots he can swindle. Preaching to the masses that can’t call him on his BS. Probably even some escort services or something.

    4) He’s gotten himself into the self-serving circle of being a journalistic source. All you need to do is get in once, get listed in a database, and you can start using that to make more quotes and be a source for things…even if you don’t know jack. He needs to be flagged before he does more damage.

    If he truly has millions, I wouldn’t be surprised in the least it is illegitimate.

    Even if he truly did pay for his book material, that’s shockingly similar to money or stolen goods laundering. It wouldn’t surprise me this guy is mixed up in other laundering or mule schemes.

    (I’m not making accusations, just saying I wouldn’t be surprised.)

    I really, really, want to hear from some of his customers…

  2. CJ says:

    Well, if all these people are claiming this Author Gregory Evans plagiarized their information, then why hasn’t these people contacted him, or why hasn’t a lawsuit been filed. Why haven’t we heard his side?

    • 0ph3lia says:

      A lot of people have in fact contacted Evans, exposed his plagiarism, debunked his claims that he paid them, and debunked a lot of his other claims as well.

      However, even when he makes yet another one of his videos “debunking” their claims, Evans veers off topic, doesn’t actually do any debunking, and perhaps hopes to distract viewers with his screaming and rehashing of debunked claims. Pathetic.

      • CJ says:

        Who has contacted him about their material? Okay Evans may veer off topic but that looks like his personally to me. No big deal to me. Just paid some people to ghost-write for him cause no one has said anything bout it but people that ran the plagiarizing tool and seen the percentages but don’t know the agreement between him and whoever. Until I see a person come out and say “He took my words and I didn’t get paid, and here’s how…” i’m going to think he just paid someone for there works. That’s not illegal.

        • Prefect says:

          I’m going to assume the best any legal action would bring is an injunction against a book that isn’t selling rather than damages, which would be a waste of time. That is the reason no one is “contacting him”.

          The legal basis for what you’re saying (ghost writing vs. taking other people’s work verbatim without citations) is nebulous. Besides, the only evidence thus far suggests that people were both not compensated, and “releases” do not exist.

          Please supply a real identity or we’ll have to remove comments as spam. You’re clearly not Riley.

          • CJ says:

            My last name is Riley. I don’t know how you found that out but it is no big deal. Well that’s what it seems to me as ghostwriting. That is why I believe no one can sue. Is there a name of a person that is “contacting him”? What part did they write in the book? Why would you want to remove me anyway? Just a casual conversation.

          • Prefect says:

            Ghostwriting is the creation of writing that will be officially credited to another person in exchange for renumeration, not borrowing the previously published work of others, binding it, and selling it as your own book.

            That falls more under plagiarism, the use of the language and thoughts or another while representing the work as one’s own.

          • CJ says:

            That is true about ghostwriting, but if I buy the writes to that publishing, i own it now right? That’s what I’m getting from this. I want to interview or speak with a person that had there work stolen. That’s who needs to be here defending there work. I feel like everyone else is 3rd party really. Does the people just want their name in book? money? Or is it just principles? That last question was just curious about.

          • Prefect says:

            Principles: security is a small community, when work is taken its fairly obvious.

          • acanthephyra says:

            Since I can’t comment on your post above anymore, let’s sum up a few things: You allege that “anybody can say ‘I own this stuff’”, which leaves two possibilities: Either the paragraphs in “your” book are not copied from Chris Gates’ material, or carnal0wnage is not Chris Gates.

            The latter can be proven false by visiting http://www.ethicalhacker.net/content/view/106/24/ and searching for “XP Pro”. If you would please compare the text and the screenshot…

            Which leaves the option that carnal0wnage is not Chris Gates. If we really need to, we can probably find someone who knows Chris on Twitter and has met him in real life and can therefore confirm that @carnal0wnage is indeed Chris Gates.

            Are there any further doubts?

            Secondly, you go by the handle “CJ” and claim that your last name is Riley. Combined with a little fake account on Twitter called @cjohnriley, which has – surprisingly – the same writing style and punctuation as you, I guess that you claim to be Chris John Riley. As mentioned on another page on this blog, I know that person myself. If you are Chris John Riley, please tell me which cell phones you own. Or when we last met.

            And finally, to make things clear: The people whose work has been plagiarized and used in the book could sue it off the market. But you know what, Greg? It’s just not worth it. It costs time and money, and I’m absolutely sure that infosec professionals are having too much fun doing real work to bother with copypasta.

            And to throw a little ad hominem attack in the mix: You’re located in Norcross, Georgia, according to your IP, at least. I’d like to ask you to stop raping the English language.

          • Scott Applegate says:

            I have worked with Chris Gates in my official duties in the United States Army. I can verify that carnal0wnage is indeed Chris Gates. I can also verify that the work above is his work and not that of Chris Evans.

            Additionally, as a member of the EC Council Scheme Committee, I can verify that EC Council, and its President Mr. Jay Bavisi are aware that Mr. Evans has plagiarized a substantial amount of their material and have not brought suit only due to the projected cost of doing so versus the complete lack of return. That having been said, EC Council is preparing a press release to address this issue.

            Second, it should be noted that Mr. Evans displays the C|EH logo of a certified ethical hacker in one of his videos. I can confirm through EC Council that Mr. Evans does not in fact hold this, or any other certification through EC Council.

          • Scott Applegate says:

            Note typo in first sentence. End should read “is his work and not that of Gregory Evans.”

          • SomeGuy says:

            Just wanted to point out, the grammatical errors in “CJ’s” statements are almost identical to the grammatical errors that are strewn throughout everything that comes from Ligatt whether it be press releases or the “book.”

          • CJ says:

            Well guys I honestly could care less bout english errors in my writing. I am not trying to get a grade on my grammar. It was just a conversation and I didn’t know I had to be correct. Ok the Chris stuff was also seen on some other site. Which one was written first is the question? But as for as my name. I’m not Chris John Riley. Only reason I know of him is from a google search. Our names put together are spelled the same. Did some reading on the guy and and seen all this ligatt this and ligatt that stuff. But I have no problem with him. Just a couple jokes back and forth. But why are you questioning about him if he isn’t? lol…I hope that’s not why you searching me. I was just trying to have a healthy debate but you guys are becoming sensitive. I guess I’m just a little more open-minded I guess. But lets keep it on topic about ligatt and not where I am and who I am please.

          • b_zach says:

            You write a lot like Chris. Your name is Chris…. Are you sure you are not Chris? How can I distinguish you two apart?

        • acanthephyra says:

          Actually, people have done that, Greg. (I’m going to assume you’re Gregory Evans unless proven otherwise.) At least carnal0wnage (Chris Gates) has.

          https://twitter.com/carnal0wnage/status/16412965055 https://twitter.com/carnal0wnage/status/16430386415

          • CJ says:

            I’m not Evans. I don’t how I’m suppose to prove that. But thats just someone that says, “yeah that’s my work”. Honestly anyone can go say that, but since it is “Chris Gates” work, I just want to know what happen when he went forth with claims.

      • cstein2378 says:

        I did notice that in Gregory’s statements about his teaching credentials that he never stated that he was employed with any of the schools. What exactly does teaching mean? I can teach someone but it does not mean that this is my actual job. When people lecture at colleges, they are teaching. Gregory never stated that he was employed at any of these colleges. Some people are so cruel.

    • Prefect says:

      His side was the videos we linked to. The entire post is about his response?

  3. Interesting comments…. I see that nationalcybersecurity.com is currently down. However last time I looked the offending picture had been removed. Seems like the rightful owners came knocking.

    In regards to CJ… nice to meet you. Funny my name is Riley too. Maybe we’re related! Doubt it though.

    “Second, it should be noted that Mr. Evans displays the C|EH logo of a certified ethical hacker in one of his videos. I can confirm through EC Council that Mr. Evans does not in fact hold this, or any other certification through EC Council.”

    I (as much as it pains me to say) do actually have a CEH…. heck, Evans can have mine for all the good it will do him. Exams, press and loud voices don’t make a Security Professional after all.

    Chris John Riley (not the fake one)

    • joshdan says:

      Wow, Chris I just took a look at your profile. You are a young man with a lot of credentials. Should you bother with these conversations? It would seem that you are far too busy for stuff like this.

      • I’m busy, that’s true. I don’t run 3 companies of have 5 offices… but I’m still busy ;)

        I actually spend most of my time ignoring Evans. Why would I waste my time doing things like posting fake comments on blogs and other clearly pointless things. I’ll leave that to others.

        Still, somebody needs to stand up and say that what Evans has done/is doing/is still doing, is wrong. I’m not the only one standing up… and as annoying as it is to have my name linked in any way to Evans. I’m proud of my small part in exposing this charlatan for who he really is!

        Chris John Riley

  4. [...] on Friday: National Cyber Security Uncovers Racism Within the Computer Security Industry. In our article Friday we made a case for a better title: “Ligatt Discovers that People Don’t Like Being [...]

  5. Marc-André Meloche says:

    Well, i can officially tell you guys that he took my work and didn’t ask for my permission.

    http://www.gardienvirtuel.ca/wp-content/uploads/2010/03/hakin9_20100107_EN_short.pdf here is the original document and you can look in his book @ pages 274-280 where he actually pasted those pictures from the article and didn’t remove my name.

    This is pretty bad since he’s a nuisance for the business.

    • CJ says:

      Interesting, when was your book published? And did you try to file a lawsuit?

      • Marc-Andre Meloche says:

        It’s been published in January 2010.

        Should i sue this guy? or he will claim that he’s a victim of racism.

  6. [...] Seria Mullen, one of the supposed contributors to the blog happened to look an awful lot like Chloe White Kennedy, a reporter for Knox News. Another reporter, Grey McKenzie is virtually unknown other for his posts on NSS, and a virtually [...]

  7. [...] on Friday: National Cyber Security Uncovers Racism Within the Computer Security Industry. In our article Friday we made a case for a better title: “Ligatt Discovers that People Don’t Like Being [...]

  8. [...] accounts spawned today, all tweeting positively about the disgraced security firm LIGATT security (plagiarism, threats, stock manipulation), responding to actual security professionals, and using avatars that [...]

  9. Vanessa Ralph says:

    I’m really just getting into the whole “cyber security” trend, so this is all new to me, but I must say that I think its absolutely AMAZING to me how one or two men can cause such a HUGE uproar! Can this not be something that can just be let go!? Im not aware of the severity of the subject matter, nor do I have the entire “inside scoop” of things but I doubt things had to get this far! This reminds me of teenage girls bickering over the same guy!