China all up in your business: Annoying Persistant Threat - Dave Ockwell-Jenner (OWASP Ottawa)
 


Dave Ockwell-Jenner explains the common cyber espionage techniques used by the "comment crew" (APT1). A video of his excellent demo can be found here: https://www.youtube.com/watch?v=2rJ2tHeb5yQ


    Presentation Transcript

    • About Me
      • Senior Security Architect for SITA
        – IT & Communications specialists for the Air Transport Industry
        – Created and manage software security program
      • Owner of Prime Information Security
        – Boutique security consultancy specializing in small-medium enterprise
      • Previously worked with RIM BlackBerry, TELUS, Nortel
      • And…
        – Creator of the 37th ever web site!
        – Blogger for TELUS
        – Co-Author of SANS course Developing Defensible Java EE Solutions
        – Co-Founder of the Small Business Community Network (SBCN)
        – House DJ and Producer

    • Hunting Wabbits
      • Tracking Evil Bad Guys™ for the past several years
        – Looking at intrusion techniques, malware and exfiltration
        – The so-called ‘Advanced Persistent Threat’
      • Not so much ‘Advanced’ but ‘Annoying’
      • APT1
        – Digital forensics firm MANDIANT recently claimed well-known hacking group to be an office of the Chinese People’s Liberation Army (PLA)
        – I may or may not have some experience with our Chinese friends!

    • How Advanced, is Advanced?
      • If I can understand it, it’s not very advanced
        – The organization and effectiveness is clever, but the techniques are something we can all understand
      • Why don’t we take a look at a recreation of an actual attack?
        – In time-honoured Looney Tunes tradition, we’ll use a fictional company called ACME, makers of…

    • Demo: Rules of Engagement
      • Please keep in mind, what you’re about to see and hear is for educational purposes ONLY
      • Please ask lots of questions
      • If something doesn’t work, it has nothing to do with my awesome talent…
        … it’s clearly a hardware problem

    • ACME Labs

    • What did we learn?
      • Simple malware is really easy to make and yet quite effective
        – Malware is really easy to hide from AV
      • Once compromised, it’s pretty trivial to snoop around further and steal loot
        – But we can make it more difficult
      • Our web sites & apps might be a hiding place for command/control of infected systems
        – So make sure our sites/apps are secured—see OWASP!

    • Thanks!
      • doj@primeinfosec.com
      • @daveoj
      • mixcloud.com/daveoj