Meet the experts tracking Storm-0539 gift card fraud

Alison Ali, Waymon Ho, and Emiel Haeghebaert came to cybersecurity through very different paths. This group of analysts tracking Storm-0539 has a background that spans international relations, federal law enforcement, security, and government.

Waymon Ho first pursued a degree in computer science with a focus in software engineering but stumbled upon an internship with the Federal Bureau of Investigation (FBI). This changed his trajectory to pursue a cybersecurity career.

“At the FBI, I investigated cybercriminals as a computer scientist and joined Microsoft in 2022 as a senior hunt analyst on the Microsoft Threat Intelligence Center (MSTIC) team, focused on tracking threat actors,” Waymon explains. He is currently a senior security research manager on Microsoft’s Global Hunting, Oversight, and Strategic Triage (GHOST) team.

Waymon says what’s notable about Storm-0539 is their persistence and knowledge of the gift card issuing process. “They identify employees managing gift card portals and locate internal guides outlining how to issue them. They issue cards just under the security limit to ensure authorization and that they remain undetected so they can return and repeat the process,” he adds.

Emiel Haeghebaert’s background spans both technology and international relations. Originally from Belgium, Emiel moved to the United States in 2018 to pursue a degree in security studies at Georgetown University. He’s currently a senior hunt analyst with MSTIC, where he tracks Iranian state-sponsored cyberthreats targeting Microsoft customers and consumers.

Emiel also supports Microsoft incident response engagements related to both financially motivated and state-sponsored threat actors, supporting on-site teams and customers with attribution analysis, threat actor insights, and tailored briefings. With a background in international relations and cybersecurity, Emiel thrives at the intersection of these fields. “Working in cyberthreat intelligence, it’s essential to have not only an understanding of technical matters related to cybersecurity, but also a comprehension of threat actors, their motivations, their priorities, and their sponsors’ strategic objectives,” he says. “My background in history and geopolitics helps me gain a more complete understanding of cybercriminal groups and state-sponsored threat actors.”

Alison Ali came to security in a roundabout way, with a background in linguistics from Georgetown University. She began working at Microsoft in 2022 as a senior security researcher, where she works with teams across Microsoft Security to synthesize information for customers on significant cyberthreats, including financially motivated threat actors. Alison says, “Organizations across all industries are frequently dealing with users affected by large scale attacks like phishing or password sprays— what matters is security hardening measures that stop an initial foothold from becoming a major intrusion.”