Hashes to Ashes: Life & Times of Clandestine Infrastructure

Presented at LayerOne 2019, May 26, 2019, 1 p.m. (60 minutes)

Exploits and implants get all the press, but infrastructure is the bedrock for APT actor operations. It’s the first thing created, the last thing destroyed, and the costliest to have caught, exposed, or otherwise burned. Akin to logistics in traditional military operations, infrastructure is critical: as Admiral H.G. Rickover (USN) said: “Bitter experience in war has taught the maxim that the art of war is the art of the logistically feasible.” Clandestine operations infrastructure possesses an extreme complexity, and this talk aims to describe and explore that complexity in detail. By examining the complexity of APT actor operations from the perspective of their infrastructure, including highlighting the complexity involved alongside a real-world example, this talk help network defenders improve their understanding of the threat landscape and perhaps give ideas for red teamers as well.

Presenters:

• Jason Kichen
  Jason spent nearly 15 years as an intelligence officer: designed, executing, and managing offensive cyber and technical operations all over the world. He left the government in 2017 and is working to deprogram as quickly as possible, and is helped in this endeavor by coffee and red wine. He is currently the Vice President for Advanced Security Concepts at eSentire.

Links:

• https://www.youtube.com/watch?v=7rK0_yeLz3M

Similar Presentations:

• Still Hacking Anyway (SHA2017) / The World in 24 Hours Revisited: How to re-enact a 1982 network art performance
• NolaCon 2019 / Hashes to Ashes: Life & Times of Clandestine Infrastructure
• TROOPERS17 (2017) / Looking Through The Web of Pages to the Internet of Things