Presented at
ShmooCon XIII (2017),
Jan. 15, 2017, noon
(60 minutes).
2016. Am I right? The June 2016 revelations of the DNC breach by two Russia-based advanced persistent threat groups was only the beginning of a series of strategic leaks and conflicting attribution claims. In a series of "1-2 punches," we saw attacks designed to breach the target and exfiltrate data reinforced by a campaign to leak information using mouthpieces posing as hacktivists. In this presentation we'll demonstrate techniques used to identify additional malicious infrastructure, evaluate the validity of "faketivists" like the Guccifer 2.0 persona, strengths and gaps in the attribution analysis, and how the adversary might adjust their tactics going forward.
Presenters:
-
Toni Gidwani
Toni Gidwani is the Director of Research Operations at ThreatConnect and leads ThreatConnect's research team, an elite group of globally-acknowledged cybersecurity experts dedicated to tracking down existing and emerging cyber threats. Prior to joining ThreatConnect, Toni led analytic teams in the U.S. Department of Defense.
Links:
Similar Presentations: