The APT at Home: The attacker that knows your mother’s maiden name

Presented at ShmooCon XV (2019), Jan. 19, 2019, 11 a.m. (60 minutes)

While we’re fighting for our security and privacy, some are being left behind. Traditional security models tend to rely on certain assumptions in order to work effectively. For example current solutions assume that the user is able to make configuration changes and is permitted to keep certain facts secret in order to authenticate to a service or device. For victims of domestic violence, their proximity to their attacker means that many security solutions are ineffective and, in some cases, even harmful to implement. This talk will explore cases where traditional security measures fail an already-vulnerable population and how we need to rethink our approach to security.

Presenters:

• Chris Cox
  Chris Cox (@Cyber_Cox) is the founder and past president of the nonprofit Operations Security Professional’s Association and Executive Director of its anti-domestic violence initiative, Operation: Safe Escape. He also teaches cybersecurity for the Department of Defense and is the former Chief Information Officer and Information Assurance Manager for the Army’s National Training Center.

Links:

• https://infocon.org/cons/ShmooCon/ShmooCon 2019/The APT at Home.mp4

Similar Presentations:

• DeepSec 2018 „I like to mov &6974,%bx“ / Blinding the Watchers: The Growing Tension between Privacy Concerns and Information Security
• BSidesDC 2019 / The APT @home - when the attacker knows your mother's maiden name
• Black Hat USA 2010 / Security is Not a Four Letter Word