Craig Schmugar

Me

I’m a senior principal engineer and senior security research architect working to keep the online community safe. Since 2000, my roles have evolved from day-to-day virus research to managing a global team of researchers across three continents, and from researching and authoring threat reports and threat forecasts to building framework technologies to improve the usefulness and efficiency of existing defense capabilities. More recently I’ve been defining and delivering next-generation solutions, including patent-pending, industry-leading approaches to combat and protect against some of the most sophisticated attacks.

My Story

My journey into the world of cyber security began in 1999, while working at Northwestern University. Having recently graduated with a Master’s in Jazz Pedagogy, I found myself supporting several hundred users and systems across three locations. The first significant email worm exploded across campus, and faculty, staff, and students at our remote site, some 700 miles away, were reportedly part of the casualties. Planning for the worst, I began developing a cleaning application (programming was a hobby and I sought out opportunities to gain experience). I quickly distributed the program to those impacted and any crisis was averted. Demand around campus was high, so I threw up a free website on xoom.com (different xoom than today), and before long I had exceeded 100,000 downloads. Building on early success, the name getvirushelp.com was registered and the site built out further. While the site wasn’t quite at the top of the search results for those seeking help with the virus, I reached out to the owners of the top sites and saw a boost in downloads exceeding 1 million after a link was added to the geocities.com site ranked #1 on the Yahoo! results page.

I continued researching and analyzing malware as I was able to obtain samples, built other cleaners, and added information to getvirushelp.com.

A year and a half after the start of it all, I was working my dream job, protecting millions of users from malware full time, after having been recruited by one of the top anti-virus firms, McAfee (then Network Associates).

Years later I found out that it was one of the top researchers at McAfee who referred me to management; he was also the owner of the geocities site atop Yahoo’s search results.

P.S. The infection reports from that remote office 700 miles away were exaggerated; they were spared and didn’t need the cleaner after all.

Patents

Intelligent backup and versioning

Methods and apparatus for defending against exploitation of vulnerable software

Methods, systems, and media for protecting computer systems from user-created objects

Cached file reputations

Methods and apparatus to defend against DLL side-loading attacks

Persistence Probing to Detect Malware

Intelligent Backup and Versioning

Method for Ransomware Impact Assessment and Remediation Assisted By Data Compression

Mitigation of Ransomware

Real-Time Module Protection

Temporary process deprivileging

Two-Device Scrambled Display

Systems and methods for malware detection and remediation

Computing platform security methods and apparatus

Computing platform security methods and apparatus

Discovery of Malicious Strings

Real-Time Module Protection

System, method and computer program product for conditionally updating a security program

System, method and computer program product for context-driven behavioral heuristics

Method and apparatus for a virus information patrol

My Other Work

I’m a geek at heart, so part of my spare time is often spent pondering, exploring, building, or using technology in one fashion or another. Here are some projects that fall into this category.

AdultBandFestival.org
BeavertonCommunityBand.org
SafeMobileApps.com
HaiyanBallet.net
Getvirushelp.com

AdultBandFestival.org

AdultBandFestival.org was a complete re-build project, designing a new look, feel, and functionality, including site-migration, logo, Google Docs-driven form registration (Forms, Sheets, and App Script), and more.

BeavertonCommunityBand.org

BeavertonCommunityBand.org was a complete re-build project, designing a new look, feel, and functionality, including site-migration, logo, calendar integration, online giving, and members area.

SafeMobileApps.com

SafeMobileApps.com came about after I spent too much time hunting for a private audio recorder for my daughter’s smartphone, one that didn’t request excessive permissions beyond those required to actually record and save microphone-captured sounds. The backend of this work-in-progress was built with Python and MySQL and leverages Amazon’s EC2 web service, while the front end uses PHP and MySQL.

HaiyanBallet.net

HaiyanBallet.net was a re-design project, refreshing an existing site with a new look, feel, and functionality, including site-migration, calendar integration, Google Docs-driven form registration (Forms, Sheets, and App Script), and more.

Getvirushelp.com

Getvirushelp.com is a modern version of the site that started my career in computer security. Those original threat posts are long gone, but the current site lists some of the more recent threats.