Profile
Mor Levi has over 8 years of experience in cyber investigations, incident response, and SIEM/SOC management. She began her career as a team leader in the Israeli Defense Force security operation center. Later, she led an incident response and forensics team at one of the big four accounting firms providing services to global organizations.
Reviews
Mor Levi runs the Security Services team at Cybereason. She is an outstanding leader, visionary and though leader. Discussing cybersecurity trends and issues comes naturally for Levi. Levi is one of many females at Cybereason working in senior leadership positions. She is a strong advocate for diversity in the workplace and she recently conducted a presentation to female college students at Boston University, interested in the technology field and the broader professional opportunities in cybersecurity. She has spent the last 10 years in cyber investigations, incident response, and SIEM/SOC management. She began her career as a team leader in the Israeli Defense Force security operation center. Later, she led an incident response and forensics team at one of the big four accounting firms providing services to global organizations. She is one of the world’s foremost female cybersecurity researchers and security analysts. In 2018, Levi led the ‘Operation Soft Cell’ (https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers) investigation in what seemed to be a single breach in a large global telecommunications company. The research findings resulting from the investigation was covered by more than 2500 news outlets in 95 countries. In the process of assessing data from the breach, Levi and the team began to see signs of a larger attack campaign and identified the attacker as being a nation state actor from China. Over the course of nearly one year and through multiple waves of attacks, Levi was able to observe the tools and methodologies used by the attacker, recognize what data they were after, and at times watch the attacker operate on the network with admin privileges. Levi’s team were able to determine that this attack was far more widespread and far reaching than it appeared. It turns out the hackers were after Call Data Records (CDRs) of certain influential people and the hackers could track there whereabouts, who they were texting and learn their every movement from home, work or business of leisure travel. The global cellular providers that were breached have hundreds of millions of customers in more than 30 countries.