“Knowing the Enemy”- Creating a Cyber Threat Actor Attribution Program

Presented at BSidesDC 2016, Oct. 23, 2016, 1:30 p.m. (50 minutes).

Cyber-attacks have continued to rise, with the existing threats progressively evolving at a rapid pace while newer more lethal threats are emerging at an alarming rate. Despite organizations having increased their investments in technological solutions, we continue to see high-impact data breaches. This is partly due to the fact that technical responses and safeguards are no longer sufficient preventative measures as they only remove the instruments of the attacks and not the causes themselves, the human attackers.

Technologies, Tactics and Procedures (TTPs) surrounding Cyber Threats are a part of the daily Cyber Security discussion. However a very critical topic of discussion which must be included in the conversation surrounds the attribution and ultimately the identification of Cyber Threat Actors and the steps necessary to reach that goal.

Presenters:

• Jack Johnson - Manager / Security Operations Center (SOC) at MarkMonitor
  Jack Johnson Manager of the MarkMonitor Security Operations Center (SOC) has over 20 years of experience in the Enterprise Systems Engineering and Security space. Jack is a recognized subject matter expert in Cyber Security and Enterprise level System Administration and Security best practices. He is currently working on multiple projects developing new and improved Phishing and Malware detection, analysis and mitigation systems.

Links:

• https://bsidesdc2016.busyconf.com/schedule#activity_5764694154b8b97919000144
• https://www.youtube.com/watch?v=_OqnyS67gn8

Similar Presentations:

• DEF CON 19 (2011) / An Insider's Look at International Cyber Security Threats and Trends
• GrrCON 2017 / Cyber, Cyber, Cyber - Using the killchain to accomplish something
• Black Hat Europe 2017 / Diplomacy and Combating Evolving International Cyber Threats