SlideShare a Scribd company logo

Advanced persistent threats

Download as PPTX, PDF
Japneet Singh
Japneet Singh

Introduction to the Advanced persistent threats

Engineering
1 of 14
Advanced Persistent Threats By Japneet Singh
Agenda • Few interesting real APT attacks • What’s an APT, what are the goals? • Attack Phases • Actors and attribution • Why there’s no end to it (yet!) • Further resources • Demo using Metasploit + Armitage
The cuckoo’s egg • 1st known incident of cyber espionage • First observed intrusion in 1986 at Berkeley Lab • Espionage of confidential military documents • Culminated with arrests in Germany in 1990 • Alleged involvement of KGB
Stuxnet • 1st known cyber weapon • Uncovered in 2010 • Destroyed nuclear centrifuges in Natanz, Iran • Alleged involvement of APT group(s) in Israel and US • Abused 4 0days in single attack!
Gh0stNet • Widespread political espionage • Discovered in 2009 • Compromised systems in 100+ countries • Close to 30% systems belong to diplomatic, political, economic, and military targets • Alleged involvement of APT group(s) in China
Operation Aurora • Aimed at multiple big corporations including Google, Adobe, etc. • Primary goal was to gain access to and modify source code repositories at these companies • Widespread industrial espionage • Alleged involvement of APT group(s) in China • Abused an IE 0day
Few recent APTs • DNC email leak (2016) • Bangladesh Bank cyber heist (2016) • Olympic Destroyer (2018) • Ukraine power outage (2015) • Saudi Oil and Gas plant disruption (2017)
What’s an APT • Targeted attack (Not every targeted attack is APT) • Advanced • Tools customized for target/campaign • Deception and trickery • Persistent • Low and slow • Hard to eradicate • Well funded and staffed • 0days, spearphising, rootkits, etc. • Mostly involve nation state level groups
Goals • Industrial and military Espionage • Destruction • Demonstration of power • Financial motives • Hacktivism
Attack Phases
APT actors and attribution • There are real humans behind APTs • Multiple groups can be attributed to single country • Attribution is a hard problem • Pyramid of pain
Why there’s no end to it (yet!) • Democracy of internet • Lack of deterrence • It’s an Arms Race!
Further resources • Past APT reports https://github.com/kbandla/APTnotes New location https://github.com/aptnotes/data • ATT&CK framework, threats, actors etc. https://attack.mitre.org/ • Lockheed martin Kill chain • The cuckoo’s egg: Tracking a Spy Through the Maze of Computer Espionage • Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon • Pyramid of pain (in Attribution)
Demo • Metasploit • Armitage • Simulating Attack phases

Recommended

Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Cybersecurity Readiness Discussion - Brian Dye, Intel Security
Cybersecurity Readiness Discussion - Brian Dye, Intel SecurityCybersecurity Readiness Discussion - Brian Dye, Intel Security
Cybersecurity Readiness Discussion - Brian Dye, Intel Securityscoopnewsgroup
 
y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?Ammar WK
 
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)mysociety
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generationTony Lauro
 
What's the point about wikileaks?
What's the point about wikileaks?What's the point about wikileaks?
What's the point about wikileaks?Joris Berthelot
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber warDavid Willson, Attorney, CISSP, Security +
 
Hackers Don't Matter
Hackers Don't MatterHackers Don't Matter
Hackers Don't MatterWalter Vannini
 

Recommended

Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Cybersecurity Readiness Discussion - Brian Dye, Intel Security
Cybersecurity Readiness Discussion - Brian Dye, Intel SecurityCybersecurity Readiness Discussion - Brian Dye, Intel Security
Cybersecurity Readiness Discussion - Brian Dye, Intel Securityscoopnewsgroup
 
y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?y3dips - Who Own Your Sensitive Information?
y3dips - Who Own Your Sensitive Information?Ammar WK
 
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)Impacts of Leak Sites - Masayuki Hatta (Surugadai University)
Impacts of Leak Sites - Masayuki Hatta (Surugadai University)mysociety
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generationTony Lauro
 
What's the point about wikileaks?
What's the point about wikileaks?What's the point about wikileaks?
What's the point about wikileaks?Joris Berthelot
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber warDavid Willson, Attorney, CISSP, Security +
 
Hackers Don't Matter
Hackers Don't MatterHackers Don't Matter
Hackers Don't MatterWalter Vannini
 
Wikileaks
WikileaksWikileaks
WikileaksAlex bj?lig
 
Hacking its types and the art of exploitation
Hacking its types and the art of exploitationHacking its types and the art of exploitation
Hacking its types and the art of exploitationShubhamChoudhary171
 
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & KnowingSteele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & KnowingRobert David Steele Vivas
 
2014 steele @-yale1
2014 steele @-yale12014 steele @-yale1
2014 steele @-yale1Robert David Steele Vivas
 
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...EENA (European Emergency Number Association)
 
Vehicle Borne Terrorism
Vehicle Borne Terrorism Vehicle Borne Terrorism
Vehicle Borne Terrorism Gerald McKenna
 
Hacking
HackingHacking
HackingNahid Hassan Onid
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Cain Ransbottyn
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15Benjamin D. Brooks, CISSP
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council
 
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...CODE BLUE
 
Gabor Munk - CTI and Information Sharing
Gabor Munk - CTI and Information SharingGabor Munk - CTI and Information Sharing
Gabor Munk - CTI and Information SharingBlack Cell Ltd.
 
Cyber Security Emerging Threats
Cyber Security Emerging ThreatsCyber Security Emerging Threats
Cyber Security Emerging Threatsisc2dfw
 
The Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismThe Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismPierluigi Paganini
 
Do it Best Corp. Techapalooza 2013 Presentation
Do it Best Corp. Techapalooza 2013 PresentationDo it Best Corp. Techapalooza 2013 Presentation
Do it Best Corp. Techapalooza 2013 PresentationBrian T. O'Hara CISA, CISM, CRISC, CCSP, CISSP
 
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)Pukhraj Singh
 
Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Andrew Hammond
 
Quant & Crypto Gold
Quant & Crypto GoldQuant & Crypto Gold
Quant & Crypto GoldAndrew Hammond
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationCharles Mok
 
Red team Engagement
Red team EngagementRed team Engagement
Red team EngagementIndranil Banerjee
 
Presd1 17
Presd1 17Presd1 17
Presd1 17Niels Groeneveld
 

More Related Content

What's hot

Hacking its types and the art of exploitation
Hacking its types and the art of exploitationHacking its types and the art of exploitation
Hacking its types and the art of exploitationShubhamChoudhary171
 
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & KnowingSteele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & KnowingRobert David Steele Vivas
 
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...EENA (European Emergency Number Association)
 
Vehicle Borne Terrorism
Vehicle Borne Terrorism Vehicle Borne Terrorism
Vehicle Borne Terrorism Gerald McKenna
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Cain Ransbottyn
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15Benjamin D. Brooks, CISSP
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council
 

What's hot (10)

Wikileaks
WikileaksWikileaks
Wikileaks
 
Hacking its types and the art of exploitation
Hacking its types and the art of exploitationHacking its types and the art of exploitation
Hacking its types and the art of exploitation
 
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & KnowingSteele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
Steele @ Yale ON INTELLIGENCE -- Spies, Lies, & Knowing
 
2014 steele @-yale1
2014 steele @-yale12014 steele @-yale1
2014 steele @-yale1
 
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
EENA 2021: Keynote – Open-Source Intelligence (OSINT) for emergency services ...
 
Vehicle Borne Terrorism
Vehicle Borne Terrorism Vehicle Borne Terrorism
Vehicle Borne Terrorism
 
Hacking
HackingHacking
Hacking
 
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael Banks
 

Similar to Advanced persistent threats

[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...CODE BLUE
 
Gabor Munk - CTI and Information Sharing
Gabor Munk - CTI and Information SharingGabor Munk - CTI and Information Sharing
Gabor Munk - CTI and Information SharingBlack Cell Ltd.
 
Cyber Security Emerging Threats
Cyber Security Emerging ThreatsCyber Security Emerging Threats
Cyber Security Emerging Threatsisc2dfw
 
The Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismThe Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismPierluigi Paganini
 
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)Pukhraj Singh
 
Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Andrew Hammond
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationCharles Mok
 
Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...
Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...
Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...Chi En (Ashley) Shen
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceAndreas Sfakianakis
 
The Technology perspective- Staffan Truvé, Recorded Future
The Technology perspective- Staffan Truvé, Recorded Future The Technology perspective- Staffan Truvé, Recorded Future
The Technology perspective- Staffan Truvé, Recorded Future LIBER Europe
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopoliticstnwac
 
APT in the Financial Sector
APT in the Financial SectorAPT in the Financial Sector
APT in the Financial SectorLIFARS
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksn|u - The Open Security Community
 

Similar to Advanced persistent threats (20)

[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...
 
Gabor Munk - CTI and Information Sharing
Gabor Munk - CTI and Information SharingGabor Munk - CTI and Information Sharing
Gabor Munk - CTI and Information Sharing
 
Cyber Security Emerging Threats
Cyber Security Emerging ThreatsCyber Security Emerging Threats
Cyber Security Emerging Threats
 
The Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismThe Role Of Technology In Modern Terrorism
The Role Of Technology In Modern Terrorism
 
Do it Best Corp. Techapalooza 2013 Presentation
Do it Best Corp. Techapalooza 2013 PresentationDo it Best Corp. Techapalooza 2013 Presentation
Do it Best Corp. Techapalooza 2013 Presentation
 
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
BSides Delhi-2018 Keynote by Pukhraj Singh (Politics & Power in Cybersecurity)
 
Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...Have the Bad Guys Won the Cyber security War...
Have the Bad Guys Won the Cyber security War...
 
Quant & Crypto Gold
Quant & Crypto GoldQuant & Crypto Gold
Quant & Crypto Gold
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
 
Red team Engagement
Red team EngagementRed team Engagement
Red team Engagement
 
Presd1 17
Presd1 17Presd1 17
Presd1 17
 
Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...
Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...
Catching the Golden Snitch- Leveraging Threat Intelligence Platforms to Defen...
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat Intelligence
 
The Technology perspective- Staffan Truvé, Recorded Future
The Technology perspective- Staffan Truvé, Recorded Future The Technology perspective- Staffan Truvé, Recorded Future
The Technology perspective- Staffan Truvé, Recorded Future
 
C3 Cyber
C3 CyberC3 Cyber
C3 Cyber
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
 
APT in the Financial Sector
APT in the Financial SectorAPT in the Financial Sector
APT in the Financial Sector
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark links
 

More from Japneet Singh

Bypassing DEP using ROP
Bypassing DEP using ROPBypassing DEP using ROP
Bypassing DEP using ROPJapneet Singh
 
Polarbear recent windows 0day
Polarbear recent windows 0dayPolarbear recent windows 0day
Polarbear recent windows 0dayJapneet Singh
 
Code signing and trust
Code signing and trustCode signing and trust
Code signing and trustJapneet Singh
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routerJapneet Singh
 
Malware classification using Machine Learning
Malware classification using Machine LearningMalware classification using Machine Learning
Malware classification using Machine LearningJapneet Singh
 
Exploiting the windows kernel
Exploiting the windows kernelExploiting the windows kernel
Exploiting the windows kernelJapneet Singh
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksJapneet Singh
 

More from Japneet Singh (8)

Bypassing DEP using ROP
Bypassing DEP using ROPBypassing DEP using ROP
Bypassing DEP using ROP
 
Polarbear recent windows 0day
Polarbear recent windows 0dayPolarbear recent windows 0day
Polarbear recent windows 0day
 
Code signing and trust
Code signing and trustCode signing and trust
Code signing and trust
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
 
Malware classification using Machine Learning
Malware classification using Machine LearningMalware classification using Machine Learning
Malware classification using Machine Learning
 
Exploiting the windows kernel
Exploiting the windows kernelExploiting the windows kernel
Exploiting the windows kernel
 
Reverse engineering
Reverse engineeringReverse engineering
Reverse engineering
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 

Recently uploaded

Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...roncy bisnoi
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxfenichawla
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdfKamal Acharya
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 

Recently uploaded (20)

Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 

Advanced persistent threats

  • 2. Agenda • Few interesting real APT attacks • What’s an APT, what are the goals? • Attack Phases • Actors and attribution • Why there’s no end to it (yet!) • Further resources • Demo using Metasploit + Armitage
  • 3. The cuckoo’s egg • 1st known incident of cyber espionage • First observed intrusion in 1986 at Berkeley Lab • Espionage of confidential military documents • Culminated with arrests in Germany in 1990 • Alleged involvement of KGB
  • 4. Stuxnet • 1st known cyber weapon • Uncovered in 2010 • Destroyed nuclear centrifuges in Natanz, Iran • Alleged involvement of APT group(s) in Israel and US • Abused 4 0days in single attack!
  • 5. Gh0stNet • Widespread political espionage • Discovered in 2009 • Compromised systems in 100+ countries • Close to 30% systems belong to diplomatic, political, economic, and military targets • Alleged involvement of APT group(s) in China
  • 6. Operation Aurora • Aimed at multiple big corporations including Google, Adobe, etc. • Primary goal was to gain access to and modify source code repositories at these companies • Widespread industrial espionage • Alleged involvement of APT group(s) in China • Abused an IE 0day
  • 7. Few recent APTs • DNC email leak (2016) • Bangladesh Bank cyber heist (2016) • Olympic Destroyer (2018) • Ukraine power outage (2015) • Saudi Oil and Gas plant disruption (2017)
  • 8. What’s an APT • Targeted attack (Not every targeted attack is APT) • Advanced • Tools customized for target/campaign • Deception and trickery • Persistent • Low and slow • Hard to eradicate • Well funded and staffed • 0days, spearphising, rootkits, etc. • Mostly involve nation state level groups
  • 9. Goals • Industrial and military Espionage • Destruction • Demonstration of power • Financial motives • Hacktivism
  • 11. APT actors and attribution • There are real humans behind APTs • Multiple groups can be attributed to single country • Attribution is a hard problem • Pyramid of pain
  • 12. Why there’s no end to it (yet!) • Democracy of internet • Lack of deterrence • It’s an Arms Race!
  • 13. Further resources • Past APT reports https://github.com/kbandla/APTnotes New location https://github.com/aptnotes/data • ATT&CK framework, threats, actors etc. https://attack.mitre.org/ • Lockheed martin Kill chain • The cuckoo’s egg: Tracking a Spy Through the Maze of Computer Espionage • Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon • Pyramid of pain (in Attribution)
  • 14. Demo • Metasploit • Armitage • Simulating Attack phases