China all up in your business: Annoying Persistant Threat - Dave Ockwell-Jenner (OWASP Ottawa)
Dave Ockwell-Jenner explains the common cyber espionage techniques used by the "comment crew" (APT1). A video of his excellent demo can be found here https://www.youtube.com/watch?v=2rJ2tHeb5yQ

1. About Me
• Senior Security Architect for SITA
– IT & Communications specialists for the Air Transport Industry
– Created and manage software security program
• Owner of Prime Information Security
– Boutique security consultancy specializing in small-medium enterprise
• Previously worked with RIM BlackBerry, TELUS, Nortel
• And…
– Creator of the 37th ever web site!
– Blogger for TELUS
– Co-Author of SANS course Developing Defensible Java EE Solutions
– Co-Founder of the Small Business Community Network (SBCN)
– House DJ and Producer

2. Hunting Wabbits
• Tracking Evil Bad Guys™ for the past several years
– Looking at intrusion techniques, malware and exfiltration
– The so-called ‘Advanced Persistent Threat’
• Not so much ‘Advanced’ but ‘Annoying’
• APT1
– Digital forensics firm MANDIANT recently claimed well-known hacking group to be an office of the Chinese People’s Liberation Army (PLA)
– I may or may not have some experience with our Chinese friends!

3. How Advanced, is Advanced?
• If I can understand it, it’s not very advanced
– The organization and effectiveness is clever, but the techniques are something we can all understand
• Why don’t we take a look at a recreation of an actual attack?
– In time-honoured Looney Tunes tradition, we’ll use a fictional company called ACME, makers of…

4. Demo: Rules of Engagement
• Please keep in mind, what you’re about to see and hear is for educational purposes ONLY
• Please ask lots of questions
• If something doesn’t work, it has nothing to do with my awesome talent… it’s clearly a hardware problem

5. ACME Labs

6. What did we learn?
• Simple malware is really easy to make and yet quite effective
– Malware is really easy to hide from AV
• Once compromised, it’s pretty trivial to snoop around further and steal loot
– But we can make it more difficult
• Our web sites & apps might be a hiding place for command/control of infected systems
– So make sure our sites/apps are secured—see OWASP!

7. Thanks!
doj@primeinfosec.com
@daveoj
mixcloud.com/daveoj
