Hashes to Ashes: Life & Times of Clandestine Infrastructure

Presented at LayerOne 2019, May 26, 2019, 1 p.m. (60 minutes).

Exploits and implants get all the press, but infrastructure is the bedrock for APT actor operations. It’s the first thing created, the last thing destroyed, and the costliest to have caught, exposed, or otherwise burned. Akin to logistics in traditional military operations, infrastructure is critical: as Admiral H.G. Rickover (USN) said: “Bitter experience in war has taught the maxim that the art of war is the art of the logistically feasible.” Clandestine operations infrastructure possesses an extreme complexity, and this talk aims to describe and explore that complexity in detail. By examining the complexity of APT actor operations from the perspective of their infrastructure, including highlighting the complexity involved alongside a real-world example, this talk help network defenders improve their understanding of the threat landscape and perhaps give ideas for red teamers as well.


Presenters:

  • Jason Kichen
    Jason spent nearly 15 years as an intelligence officer: designed, executing, and managing offensive cyber and technical operations all over the world. He left the government in 2017 and is working to deprogram as quickly as possible, and is helped in this endeavor by coffee and red wine. He is currently the Vice President for Advanced Security Concepts at eSentire.

Links:

Similar Presentations: