In 2003 shortly after graduating from college, Priscilla Moriuchi was all set to teach in China when her trip got canceled.
That bit of bad luck opened the door to new opportunities, and when the National Security Agency came calling to see if she was interested in a job, it set her down the path she’s on today as one of the foremost expert researchers of nation-state hacking groups.
Click here for complete coverage of SC Media's 2020 Women in IT Security
When she first arrived at the NSA a few years after the September 11, 2001, terrorist attacks, Moriuchi knew very little about computer science or coding, and cybersecurity didn’t seem to be high on the agency’s list of priorities. But she took advantage of the career stability that came with government work to build a foundational knowledge at the intersection of technology and national security.
“One of the great things about starting off in government is that government gives you the time to train. We could spend weeks or even months in a course learning the intricacies of computer network communications, understanding metadata and doing in depth analysis,” said Moriuchi, who was named one of SC Media's 2020 Cyber Veterans as recognition for her years of contributions to the cybersecurity community.
Moriuchi wound up spending 12 years at the NSA, where she merged her new technical expertise with classified data streams to profile nation-state hacking groups. Her tenure tracked with the growing maturity of the federal government’s cyber operations as intelligence and law enforcement agencies learned to do attribution, collect the right data and map faceless, anonymous activities in cyberspace back to their human operators.
In 2017, Moriuchi became the director of strategic threat development at Recorded Future where she tracked malicious cyber campaigns carried out by China, North Korea and other countries. The biggest difference between her government and private sector jobs was learning to work without access to the latest classified information.
“It was really amazing for me to figure out – having lived in the classified world for most of my career – how much you could really learn about threat actors and analytics you could develop using just publicly available, common data,” she said. “That’s something that for me has kind of stuck throughout my career, being able to look at common, public mundane data being able to find patterns and derive insights from that data.”
As of August, Moriuchi brought her threat intelligence chops to Apple.
Her research is regularly cited in major media outlets and she recently became a non-resident fellow at the Harvard Belfer Center, where she is working on developing common standards for attribution and other facets of cyber threat intelligence work.
“There’s not really another industry where you have tens or even hundreds of private companies who have access to data, pointing fingers and essentially conducting a government and law enforcement function in the open,” said Moriuchi. “We are better for it…but what we’re missing are those universal accepted standards that can be useful for government, academia and private industry.”