A Hacker’s Viewpoint: Planning the Attack

Presented at Kernelcon 2020 Virtual, March 27, 2020, 11:30 a.m. (20 minutes)

A lot of work has gone into breaking out the stages of an attack. Unfortunately, many security teams focus on the detection of infiltration, data loss, or response after an attack. This focus skips over a more proactive approach to preventing the attack during the planning stages. There is a plethora of information publically available about a company and its employees that is collected prior to an attack. This information is used to find vulnerabilities in information systems. The information is also used to plan out social engineering which is used to gain system credentials or additional information about a company.

Presenters:

• Kristina Krasnolobova
  Kristina Krasnolobova is Data Security Analyst for Sentara Healthcare. She managed to collect couple MS degrees and now working on filling up her tool belt with certifications, enjoys volunteer and believes in giving back to community. Her spare time she spends outdoors.
• Robert George
  Robert George is the Principle CyberSecurity Architect for Sentara Healthcare. He has worked in the security field for 10 years as an analyst, engineer, architect, and SOC manager. He is currently working towards a MBA and holds a leadership position with the health system. In his spare time, he plays the violin and researches new technologies.

Links:

• https://2020.kernelcon.org/cfp/K2020_rgeorge.pdf

Similar Presentations:

• THOTCON 0x7 (2016) / Social Untrust
• DEF CON 23 (2015) / Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
• Black Hat USA 2015 / Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion