The Industrial Revolution of Lateral Movement

Presented at Black Hat USA 2017, July 27, 2017, 9 a.m. (25 minutes).

Recent advancements in the Targeted Attacks technology, and specifically to the Lateral Movement phase of it, are about to ignite an Industrial Revolution in this field.

The original Industrial Revolution and its use of modern methods of mass production is said to had brought "improvements in the cost, quality, quantity, and variety of goods available". The Lateral Movement Industrial Revolution will have similar effects on the attack side.

Consequently, it will have grave repercussions on the defensive side. As always when facing a stressful situation, defenders can respond either by: Fight, Flight, or Freeze.

In this talk, we will describe these recent advancements in the field of automated Lateral, followed by a demo and the release of ‘GoFetch’, a new open-source lateral movement automation tool. We will conclude with a discussion on the implications of Lateral Movement industrialization on both attackers and defenders.


Presenters:

  • Tal Be'ery - Researcher, Independent
    Tal is a cyber-security researcher, returning speaker in the industry's most prestigious event, including BlackHat and RSA Conference, member of the Facebook's exclusive WhiteHat list. One of his most known works was the TIME attack against the HTTPS/SSL protocol. For the last 15 years, Tal had built and lead a few Cyber-Security R&D teams, mostly in the field of network monitoring for various security problems and protocols: Recently, Tal has led research for Aorato (acquired by Microsoft) as VP for Research. Tal holds M.Sc. and B.Sc degrees in CS/EE from Tel-Aviv University and a CISSP certification.
  • Tal Maor - Security Researcher , Microsoft
    Tal Maor is a Security Researcher at Microsoft with a passion for creating tools that makes live easy and more secured. Prior to Microsoft, he developed intelligence platforms in a leading defense industry company, after serving four years in the IDF intelligence corps. Tal holds a B.Sc degree in Computer Science.

Links:

Similar Presentations: