Inside the OSINT Operation Getting Foreign Students Out of Ukraine by Chris Kubecka

[Music] [Applause] [Music] well hello everyone hopefully can hear me well and i don't trip over anything so my name is chris chris quebeco uh i'll move out of the way if you don't know me uh short version is i like to hack stuff i've hacked a lot of stuff i started young and i do a lot with cyber diplomacy as well as still hacking stuff especially ron and certain other countries so i like to have some fun um so we go back to the beginning of the ukrainian war i was actually in ukraine for a very specific reason part of my background is nuclear cyber incidents i used to lecture for gchq's center for the protection of national

infrastructure so i've been to all of the uh or i think all of the british nuclear facilities both enrichment and power plants and i've handled about six nuclear cyber incidents and i was asked to uh go to ukraine in case there was a nuclear cyber incident and to stage i ended up taking the last air france flight to ukraine uh before you know stuff everything got closed so i myself woke up to shelling the rest of the capital city did and uh you know we're seeing paratroopers coming in through from the sky you know as you do you know uh they just blown up the airport and uh we had decided to go a southern

journey because everyone was going west towards poland you couldn't go east or north because belarus or the russians and um because i know some very good people because we decided to go south i asked them to help out with intelligence so this great guy dutch osint guy ended up tracking me to the point where the first city we went to take a break in and he told me don't stop in that city bombing is imminent and we had a convoy of 26 people and two vehicles sharply turned right and everyone heard the sound and boom uh a city with no military value had been blown up so uh open source intelligence gathering and intelligence is very important when

you're trying to escape a war let me tell you so it took days to uh actually get to safety and during which when i was trying to cross into romania through the syria border crossing i discovered what microsoft calls the first violation of the geneva convention via malware because there was a wiper virus that the russians used against the border patrol of ukraine and they couldn't verify information couldn't verify if your child was yours and you're not going to leave your kid behind all sorts of things like that so if you saw the pictures of people with kilometers and kilometers of traffic at all of the border crossings that was caused because uh the border patrol had

to go to pencil and paper and let one car through at a time uh at the border crossing i was at someone froze to death waiting for to use the bathroom it was very cold so i finally get to romania and i wake up and in my hotel room i get this weird message saying hey chris you got out can you help this guy named maurice creek it was one of my special forces buddies from the us i have i'm not very good with names i'll be honest with you and it turns out he was a famous basketball player and he was stuck in this place called mikala and mikala there is a river a bridge and the russians were coming in

on the other side the ukrainians were ready to blow the bridge for defensive purposes if they circled around and they closed off any water traffic so of course he couldn't head east or north and uh via some of my intelligence friends they had told me to very nicely inform maurice don't put anything on social media right now because some of the russian troops are actually looking for high value civilians to kidnap and ransom so you know just your normal day and so i started getting a lot of information and contacting a lot of friends i think i ended up uh hooking up to about 20 some different uh communications mediums uh getting all sorts of stuff figuring

out drivers drivers from romania there were some very very cool drivers that were like we're just gonna go into ukraine and start picking up people for free so there was a concerted effort but trying to connect these people and also in the case of mykola we had to negotiate to get what's called a special permit to try to go over the bridge which they only allowed a couple of hours a day to get maurice out and luckily we were able to get maurice out and he was able to get in a car as quickly as possible go to the moldovan border and then come to bucharest where we celebrated by having a lovely meal so that was good

and because of the publicity around this this was from uh people magazine a bunch of other orgs and ngos and so forth contacted me going can you help our people out and i was like well the answer is yes so ukraine for over a generation has been known as high-value low-cost education for a lot of the global south and folks that just don't have money but want to study aeronautics medicine maritime stuff agriculture on a high level computer science it gives a lot of people opportunities uh quite a few people who are educated in ghana actually speak russian and or ukrainian from back in the day because they actually went to ukraine and went to university

so i get contacted by this one group who says we have over a thousand students in sumi ukraine and to give you a bit of a picture russia sumi and when the russians started moving in within a couple of hours it was russian controlled and here we have students from india from all sorts of parts of africa bangladesh asia you name it and this was a problem because when the area started getting controlled by russia supplies were starting to get restricted uh the russians were trying to use this restriction of supplies to force the population to uh vote uh to be part of russia um we ran into a warlord um funny thing i had to send a message

to a former intel friend going i need to negotiate with the warlord this morning do you have any experience so it was kind of an odd message for him to wake up to we had some humanitarian folks who said they were humanitarians but found out that they were actually smuggling lethal arms with people which would have put them in a different category of the geneva conventions and some of them were like yeah we'll bring food and medical supplies but you have to know we're going to have weapons we're like we can't have that uh it's just a no-go we had a fake mayor installed by the russians uh to get supplies in uh he said that we had to acknowledge

him so i ended up setting up a fake website that looked like a media thing with robots.txt to keep it from getting indexed and as soon as he saw that he let humanitarian supplies in and then i pulled it down so these are some of the things that had to be done another issue was if they wanted to buy supplies they ended up being escorted by a ukrainian officer which meant the person buying supplies with this ukrainian officer could be taken out by a russian not awesome um some of the embassies gave some terrible advice uh when it came to technology this was a problem because we were trying to keep track of the students because well

um some of the students were at danger of being you know victim to various war crimes then some of the governments were just corrupt as hell we ran into one particular ambassador from a particular country in russia that basically got paid to uh say oh yeah we want all of our students in russia and the students were like no they've been trying to kill us we don't want to go to russia um we also ran into bad water people were getting infections people were getting sick so we ended up uh writing up a survival manual uh which we crowdsourced a little bit from escape students former special forces and myself and um when we tried to get them evacuated the

first time the russians decided oh we're going to open a humanitarian corridor they sent russian buses and say get on the buses we're taking you to russia the students are like no and they started shooting on our students luckily they were not killed like one in uh kiev was killed when we finally got a proper humanitarian corridor we had buses in the front was the romanian red cross and in the back with this convoy of over a thousand students and i get contacted that the russians have just kidnapped uh the red cross and some of our buses they pushed them into russia let the red cross come exit russia and kept those students some as

young as 16. uh and it's then they try to stop the buses and try to pull female students off of the buses so imagine this is what i'm trying to deal with and so are many people we need to get them the hell out of there right so we finally get uh the folks out of sumi and that was very rough um there was a lot of them so uh then we get contacted that in kirsten uh supposedly there's about 60 students it ends up being 93 and turns out that some of the students had covet some did not but some had various medical issues they could not get medication they're facing some of the same challenges

not being allowed to leave because the russians wanted to keep everyone there to force them to vote to be part of russia we had one two particular folks where they were uh a palestinian and an israeli who are now best friends because they had to live through this for weeks uh the bomb shelter they were in the uh top of the building had already been destroyed but the electric was still in the basement so that's what they were living through um one particular woman she was a ukrainian married to a student eight and a half months pregnant severe asthma no inhaler no access to a hospital some of our other students when they tried to

look for food and walk to a village they were kidnapped by russian soldiers over zip tied brought to a torture room um tortured and then put back into a truck and pushed out uh near the compound where the rest of the students were staying and uh you know all of this we're still trying to arrange some sort of humanitarian thing we're trying to contact commercial companies uh to actually see if they can extract they're like well i'll give you a discount for 150 000 but i'm telling you if you got 92 93 people from pregnant women all the way up to 70-year-old professor we're not going to be able to extract them then we had some

incredibly terrible person who had seen some of the social media videos and contacted the student leader and said i work for the secret service we're going to extract you give us all of your contact information for all the students in the gps locations and it turns out he was not a federal person um he was a fake preacher uh who wanted to contact all of them to read the bible to them and the students had packed up and all of a sudden their dreams were dashed and some of them were suicidal because of this so we had to kind of get them out as quickly as possible right uh so we're finally able to get them out

with arranging with romanian and local drivers the ukrainians had pushed back the russian troops at the time and they used that opportunity i was asked should they go and i say you know get the most vulnerable people in the cars first but go and that was i think about 3 a.m local time leave now because they might not have another chance and so we routed them safe routes figured out which bridges and roads had been bombed out or land mined to make sure that they didn't drive over a landmine or if they had to go over a bridge it was still there and also we correlated some of the information with which border area was safest

because apparently some neo-nazi groups decided to use the opportunity at some of the border crossings to beat the hell out of some of these international students so we were not going to send them into getting the hell beat out of them right so we had to use heat maps and things like that police reports and so forth so lots of layers sometimes diplomacy lots of coordination this is from chimney he actually is watching this he's one of the students and i was so happy that he was able to get out as well as all of these students i think in total about 1700 between the two cities and it was very useful to use open source intelligence and even closed

source intelligence because i was also getting fed by retired former and active duty military from various countries trying to get these students out because one of the dangers is if the russians get a hold of students from a particular country they can then uh make sure that that particular country goes well we're gonna agree with the uh russians especially if they came from certain african countries because they had their kids imagine how that would look uh so the risk of being used as a political pawn so i ended up having to go to the press for help because some of the embassies were not great or giving really bad advice and could have gotten people killed if

they didn't already and i ended up from romania going to lisbon to do a talk at a university and this chap named gabriel was like hey let's talk let's meet at this coffee house he didn't realize it was right next to the russian embassy anyway it was not the most comfortable spot for me we ended up talking for a lot and he's like we got to get this out and good tech advice as well because some of these embassies are going to kill people uh so we decided to do that and so vice motherboard and a whole bunch of people uh ran some stories on it to try to get the word out with also some of the news

about the technology so that we could get more students out before the war there were over 25 000 international students now luckily there are almost none but some of them are now in russia being used as political pawns uh some of our indian students for example were pushed into russia we have not heard from them again so i was able to contact a lot of people crowd source things like how to get food and lock pick food warehouses um a lot of the people i contacted were people like you that i meet at conferences so if you ever get a dm for me going can you help with this it's probably something like this uh because

we as a community have unique skills that we can use to save lives every day so wanted to give a shout out to dutch who made sure all 26 of us survived karen she's been wonderful uh my now adopted ukrainian family misha who helped out so much uh the journalists and everybody else and all of you for listening thank you very much [Applause] i've got time for questions yes

[Music] uh so what i i talked about survival skills intelligence and that i know a lot of people my background is i was in the air force i was one of the first female air crew members that was allowed to be in combat so i had to go through something called sear training which is survival evasion recovery and escape uh pow mock-ups they beat the hell out of you you got to jump out of an airplane into the water you know all sorts of things um and because of that i know a lot of people who are also in special forces intelligence my second career was space command dealing with what's called command and control systems and also

protecting satellite telemetry data so i worked a lot in interesting fields and so it has helped me with interesting people that can help out in these types of situations so it's a great question there's got to be more questions because you have a bit of time one back here

yeah what kept me going doing all this and i'm actually still involved in a lot of it um seeing some of the things that had occurred while uh we were leaving we almost got killed we almost got stopped uh but we blew through the checkpoint of the the wagner group or wagner group because they had also secretly set up in certain locations and we're dropping propaganda i i do have a picture of the propaganda dropping truck um and then when i got to the border close enough where i could walk uh because we had about a four more day journey um so misha and i walked up to the border and uh we were told about the cyber

attack he showed them my wiki page and explained why i was there and when we moved up to the most senior officer he's like i have to check you out using a landline because computers weren't working came back and said uh you're on the high value target list because one of my books that one um i make fun of putin um because i like doing that and hacking things in russia um so i got the refugee light experience knowing that i got the refugee light experience and only coming away with uh let's see a fractured tibia and ankle out of the whole thing um i couldn't imagine living weeks in a bomb shelter one of the things i had to put in the

survival manual was the toilet tank water not the bowl was actually safe to drink because that's how desperate it was for clean water and i couldn't imagine myself in that situation or the situation of being a woman and getting pulled out and possibly tortured or raped um or anyone else under those circumstances so that's what has kept me going this entire

time can we all do to help you with what you're doing all right so one of the things you can do i do take uh twitter dms or try my best to follow people that follow me back or on linkedin and if you say hey saw your talk anything i can do i'll try to put you on a list a secured list it's offline and if i ever need any assistance if you have any particular skills and anything you can think of even from survival skills intel skills communication skills what have you um then i might have to reach out to you and go hey i've got this situation um map skills routing skills i just had to route uh via a friend

um a husband wife and child no husband wife and mother uh for the safest route to try to get out of ukraine because of the recent bombings so keep in contact you don't have to follow me on twitter but i do take dms and if i reach out i hope that you'll help out with the effort of either this or any other effort when it involves possible loss of life i have four minutes so any other questions or i'm gonna have to drink they'll make me drink i think ah

uh in ukraine interesting projects oh i do like to hack stuff um we do have um let's see a bit of an interesting project um my institute the middle east institute where i've have a fancy title we were asked to write the abraham cyber peace accord so the cyber addendum to the abraham peace accords which is supported by israel and uae and we're trying to add to it the support because i think that in this day and age we've seen that cyber weaponry can be used in malicious ways i suppose i was telling someone earlier i was supposed to go to burkino faso earlier this year until um they had a coup in the capital city and the reason

being is there's a particular islamist terrorist group um that has purchased cyber weaponry from iran it's easier to send them that than it is to try to smuggle illegal um so we need to realize or at least have our countries realize this is no longer fantasy or these airplane novels or you know funky movies with lots of things that blow up cyber warfare is being used along with physical warfare and also all sorts of surveillance stealing of intellectual properties trying to dox people by foreign governments uh like someone i know last year got put on iranian uh news with his home address and one picture of him and his dog from social media who happens to be an

israeli so these types of things can be used against us and it would uh be to a benefit that we try to look at what we do in those situations from the country level so that might be an interesting project any more questions got a minute and a half any questions all right done [Music] [Applause] you