Uploaded byvicenteDiaz_KL
PDF, PPTX1,700 views

Opsec for security researchers

This document discusses operational security (OPSEC) best practices for security researchers. It begins by defining OPSEC and noting its importance for protecting sensitive work from adversaries. It then outlines various adversary threats, including common cybercriminals, organized groups, government agencies, and massive surveillance capabilities. The document provides guidance on implementing OPSEC at both individual and group levels, including compartmentalizing information, training others, and being careful about digital identities and tools. Key recommendations include encrypting all communications and data, using secure email, chat and phones, avoiding metadata leaks, and maintaining high OPSEC standards even internally. The overall message is that while OPSEC is difficult, researchers should start applying basic practices to protect their work and avoid becoming

Embed presentation

Download as PDF, PPTX
OPSEC FOR SECURITY RESEARCHERS Vicente Díaz Principal Security Analyst
WHAT IS THIS TALK ABOUT “Operational security identifies critical information to determine if friendly actions can be observed by adversary intelligence systems” • How does this apply to our industry? • No counter-intel. • Not only identify – apply best practices for good opsec.
YOU ALL HAVE HEARD OF OPSEC FAILURES We won´t talk about them again. Golden rule: Silence as a defensive discipline aka STFU. Warning: discipline level 80 needed
THE RULE IS PRETTY SIMPLE But we fail miserably. It´s in human nature to IMPRESS. Golden rule2: OPSEC does not work retrospectively.
I HAVE NO ENEMIES! Let´s put some context: _We work on cool stuff _We stumble upon “strange” things _The environment is sometimes poorly regulated _Hypocrisy vs red lines _Sense of invulnerability: we are the good guys, right? Not here to define the ethics of the industry!
BUT Could our work be interesting for someone else? Might it be perceived as dangerous for other´s interests? Are all our actions, as researchers, impeccable? We might be the weakest link, in terms of OPSEC, when collaborating with LE.
UNDER SCRUTINY We might be in a group of interest Objective: not become an individual of interest! Silence, but not complete. Avoid the escalation of surveillance: that means Game Over.
ADVERSARIES Broadly speaking: _Common cybercriminals _Non-common cybercriminals _Agencies _The future (or massive surveillance) Important: choose the OPSEC level you can adopt Otherwise – worse than not applying OPSEC at all.
Meet our adversaries MEET OUR ADVERSARIES
COMMON CYBERCRIMINALS
COMMON CYBERCRIMINALS
NON-COMMON CYBERCRIMINALS Let´s say, cybercrime is non their primary purpose. Organized, dangerous, have resources. Not directly the result of a direct investigation, stumble upon them. So what if our OPSEC was not good?
AGENCIES They have all the resources. Non technical approach, that we tend to forget exists. Usual approach: Recruitment.
MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest. Important: avoid being an anomaly!
IMPLEMENTATION Remember: be meticulous!
IMPLEMENTATION PROCESS - APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
IMPLEMENTATION PROCESS - APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata “There are a variety of different risk perspectives you can use to design a threat model: adversary-centric, asset-centric, or software-centric. … The reason that a small, agile startup can devise elegant OPSEC measures, is the same reason that compartmentalizing your OPSEC procedures in an operation-centric point-of-view is effective.” Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
HOW TO IMPLEMENT IN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
HOW TO IMPLEMENT IN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
IDENTITIES Usual Opsec recommendation. Necessary sometimes, but extremely difficult to do right. An error means an advantage for the adversaries. Advice: avoid if possible. But if you cannot, Golden rule: avoid cross-contamination
TOOLS – QUICK REVIEW
MINIMUM TOOLSET NEEDED Encryption Mail IM Phone Internet Minimum real world skillz
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
E-MAIL Try to avoid it: metadata and the ID-ten-T problem. Avoid external providers: ProtonMail, LavaMail, Gmail PGP. If you use PGP, get a key bigger than 2048. IM with OTP is a much better option.
IM Adium and Pidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
IM Adium and Pidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
PHONE Look, better not to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
PHONE Look, better not to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
REAL WORLD Don´t try to impress people – don´t be impressed when approached by an stranger. What if we are required by LE? Have a travel laptop, travel phone, and lots of pennies in your pocket.
IN SUMMARY
CONCLUSIONS Opsec is hard – good news, no spy level is required. Let´s start educating ourselves and applying it by default. Over tools – meticulousness. Good Opsec is the one we can apply.
QUESTIONS? Vicente Díaz Principal Security Analyst vicente.diaz@kaspersky.com @trompi

More Related Content

PDF
Click and Dragger: Denial and Deception on Android mobile
bygrugq
 
PDF
Analogic Opsec 101
byvicenteDiaz_KL
 
PDF
An Underground education
bygrugq
 
PPT
An Underground education
bygrugq
 
PPTX
Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver
byEC-Council
 
PPTX
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
byClare Nelson, CISSP, CIPP-E
 
PDF
Three Considerations To Amplify Your Detection and Response Program
byMorphick
 
PPTX
Crowd-Sourced Threat Intelligence
byAlienVault
 
Click and Dragger: Denial and Deception on Android mobile
bygrugq
 
Analogic Opsec 101
byvicenteDiaz_KL
 
An Underground education
bygrugq
 
An Underground education
bygrugq
 
Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver
byEC-Council
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
byClare Nelson, CISSP, CIPP-E
 
Three Considerations To Amplify Your Detection and Response Program
byMorphick
 
Crowd-Sourced Threat Intelligence
byAlienVault
 

What's hot

PDF
SACON - Deception Technology (Sahir Hidayatullah)
byPriyanka Aash
 
PDF
Weaponizing OSINT – Hacker Halted 2019 – Michael James
byEC-Council
 
PPTX
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
byFrode Hommedal
 
PDF
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
byEC-Council
 
PPTX
Jason Samide - State of Security & 2016 Predictions
bycentralohioissa
 
PDF
The Internet is on fire – don't just stand there, grab a bucket!
byFrode Hommedal
 
PPTX
Taking the Attacker Eviction Red Pill (v2.0)
byFrode Hommedal
 
PDF
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
byMITRE - ATT&CKcon
 
PDF
Pen-testing is Dead?
byAmmar WK
 
PDF
La Quadrature Du Cercle - The APTs That Weren't
bypinkflawd
 
PDF
A Journey Into Pen-tester land: Myths or Facts!
byAmmar WK
 
PPTX
Deception technology for advanced detection
byJisc
 
PDF
Defender economics
byaddelindh
 
PDF
Internet security lessons for IoT
byDirk Zittersteyn
 
PDF
Vulnerability Assessment, Physical Security, and Nuclear Safeguards
byRoger Johnston
 
PPTX
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
byShawn Tuma
 
PDF
2018 CISSP Mentor Program Session 1
byFRSecure
 
PDF
2019 FRecure CISSP Mentor Program: Session Two
byFRSecure
 
PDF
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
byOWASP Delhi
 
PDF
Securing the “Weakest Link”
byPriyanka Aash
 
SACON - Deception Technology (Sahir Hidayatullah)
byPriyanka Aash
 
Weaponizing OSINT – Hacker Halted 2019 – Michael James
byEC-Council
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
byFrode Hommedal
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
byEC-Council
 
Jason Samide - State of Security & 2016 Predictions
bycentralohioissa
 
The Internet is on fire – don't just stand there, grab a bucket!
byFrode Hommedal
 
Taking the Attacker Eviction Red Pill (v2.0)
byFrode Hommedal
 
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
byMITRE - ATT&CKcon
 
Pen-testing is Dead?
byAmmar WK
 
La Quadrature Du Cercle - The APTs That Weren't
bypinkflawd
 
A Journey Into Pen-tester land: Myths or Facts!
byAmmar WK
 
Deception technology for advanced detection
byJisc
 
Defender economics
byaddelindh
 
Internet security lessons for IoT
byDirk Zittersteyn
 
Vulnerability Assessment, Physical Security, and Nuclear Safeguards
byRoger Johnston
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
byShawn Tuma
 
2018 CISSP Mentor Program Session 1
byFRSecure
 
2019 FRecure CISSP Mentor Program: Session Two
byFRSecure
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
byOWASP Delhi
 
Securing the “Weakest Link”
byPriyanka Aash
 

Viewers also liked

KEY
OPSEC for hackers
bygrugq
 
PDF
Cyber opsec protecting_yourself_online
byFtlwood Families
 
PPT
OPSEC for Kids
byDepartment of Defense
 
PDF
Smr week 23 opsec and safe social networking
byFort Rucker FRSA
 
PDF
Conley Group Opsec Presentation
byThe Conley Group, Inc.
 
PPTX
OPSEC for OMBUDSMEN
byNaval OPSEC
 
PDF
OPSEC Case Study - Bush In Iraq
byDepartment of Defense
 
PPTX
OPSEC / PERSEC
byRmd Frg
 
PPT
OPSEC for Families
byDepartment of Defense
 
PDF
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
byPuppet
 
PDF
Invasive species commanders_guide
byDepartment of Defense
 
PPT
Employee Security Training[1]@
byR_Yanus
 
PDF
Preventing and Detecting Fraud in the Workplace
byDecosimoCPAs
 
PPSX
4 Operations Security
byAlfred Ouyang
 
OPSEC for hackers
bygrugq
 
Cyber opsec protecting_yourself_online
byFtlwood Families
 
OPSEC for Kids
byDepartment of Defense
 
Smr week 23 opsec and safe social networking
byFort Rucker FRSA
 
Conley Group Opsec Presentation
byThe Conley Group, Inc.
 
OPSEC for OMBUDSMEN
byNaval OPSEC
 
OPSEC Case Study - Bush In Iraq
byDepartment of Defense
 
OPSEC / PERSEC
byRmd Frg
 
OPSEC for Families
byDepartment of Defense
 
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
byPuppet
 
Invasive species commanders_guide
byDepartment of Defense
 
Employee Security Training[1]@
byR_Yanus
 
Preventing and Detecting Fraud in the Workplace
byDecosimoCPAs
 
4 Operations Security
byAlfred Ouyang
 

Similar to Opsec for security researchers

PPT
Conley Group Operational Security Presentation
byguest019923
 
PPTX
Operational Security For All OPSEC_for_ALL_221026.pptx
bypoeja84
 
PDF
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
byAT-NET Services, Inc. - Charleston Division
 
PDF
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
byCODE BLUE
 
PPTX
Intro to INFOSEC
bySean Whalen
 
PDF
Hunting for cyber threats targeting weapon systems
byFidelis Cybersecurity
 
PPTX
NZISF Talk: Six essential security services
byHinne Hettema
 
PDF
Brochure protect operational_info_sm1
byNoel Waterman
 
PPTX
Janitor vs cleaner
byJohn Stauffacher
 
PDF
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
PPTX
Defending Enterprise IT - beating assymetricality
byClaus Cramon Houmann
 
PPT
DOC_OPSEC security operations of a group.ppt
byDavidweshwak1
 
PDF
Social Networks And Phishing
byecarrow
 
PPTX
What is Information Security and why you should care ...
byJames Mulhern
 
PPTX
Cybersecurity in 2016
byBen Finke
 
PPTX
Civilian OPSEC in cyberspace
byzapp0
 
PPT
Risk Assessment And Management
byvikasraina
 
PPT
Indusrty Strategy For Action
byBarry Greene
 
PPTX
Practical Cyber: Lessons from 500,000 Miles of Security Evangelism
byBen Johnson
 
PPTX
11 19-2015 - iasaca membership conference - the state of security
byMatthew Pascucci
 
Conley Group Operational Security Presentation
byguest019923
 
Operational Security For All OPSEC_for_ALL_221026.pptx
bypoeja84
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
byAT-NET Services, Inc. - Charleston Division
 
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
byCODE BLUE
 
Intro to INFOSEC
bySean Whalen
 
Hunting for cyber threats targeting weapon systems
byFidelis Cybersecurity
 
NZISF Talk: Six essential security services
byHinne Hettema
 
Brochure protect operational_info_sm1
byNoel Waterman
 
Janitor vs cleaner
byJohn Stauffacher
 
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
Defending Enterprise IT - beating assymetricality
byClaus Cramon Houmann
 
DOC_OPSEC security operations of a group.ppt
byDavidweshwak1
 
Social Networks And Phishing
byecarrow
 
What is Information Security and why you should care ...
byJames Mulhern
 
Cybersecurity in 2016
byBen Finke
 
Civilian OPSEC in cyberspace
byzapp0
 
Risk Assessment And Management
byvikasraina
 
Indusrty Strategy For Action
byBarry Greene
 
Practical Cyber: Lessons from 500,000 Miles of Security Evangelism
byBen Johnson
 
11 19-2015 - iasaca membership conference - the state of security
byMatthew Pascucci
 

Recently uploaded

PPTX
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
PPTX
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
PDF
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
PDF
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
PDF
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
PDF
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 

Opsec for security researchers

  • 1.
    OPSEC FOR SECURITYRESEARCHERS Vicente Díaz Principal Security Analyst
  • 2.
    WHAT IS THISTALK ABOUT “Operational security identifies critical information to determine if friendly actions can be observed by adversary intelligence systems” • How does this apply to our industry? • No counter-intel. • Not only identify – apply best practices for good opsec.
  • 3.
    YOU ALL HAVEHEARD OF OPSEC FAILURES We won´t talk about them again. Golden rule: Silence as a defensive discipline aka STFU. Warning: discipline level 80 needed
  • 4.
    THE RULE ISPRETTY SIMPLE But we fail miserably. It´s in human nature to IMPRESS. Golden rule2: OPSEC does not work retrospectively.
  • 5.
    I HAVE NOENEMIES! Let´s put some context: _We work on cool stuff _We stumble upon “strange” things _The environment is sometimes poorly regulated _Hypocrisy vs red lines _Sense of invulnerability: we are the good guys, right? Not here to define the ethics of the industry!
  • 6.
    BUT Could ourwork be interesting for someone else? Might it be perceived as dangerous for other´s interests? Are all our actions, as researchers, impeccable? We might be the weakest link, in terms of OPSEC, when collaborating with LE.
  • 7.
    UNDER SCRUTINY Wemight be in a group of interest Objective: not become an individual of interest! Silence, but not complete. Avoid the escalation of surveillance: that means Game Over.
  • 8.
    ADVERSARIES Broadly speaking: _Common cybercriminals _Non-common cybercriminals _Agencies _The future (or massive surveillance) Important: choose the OPSEC level you can adopt Otherwise – worse than not applying OPSEC at all.
  • 9.
    Meet our adversaries MEET OUR ADVERSARIES
  • 10.
  • 11.
  • 12.
    NON-COMMON CYBERCRIMINALS Let´ssay, cybercrime is non their primary purpose. Organized, dangerous, have resources. Not directly the result of a direct investigation, stumble upon them. So what if our OPSEC was not good?
  • 13.
    AGENCIES They haveall the resources. Non technical approach, that we tend to forget exists. Usual approach: Recruitment.
  • 14.
    MASSIVE SURVEILLANCE –AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
  • 15.
    MASSIVE SURVEILLANCE –AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
  • 16.
    MASSIVE SURVEILLANCE –AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest. Important: avoid being an anomaly!
  • 17.
  • 18.
    IMPLEMENTATION PROCESS -APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
  • 19.
    IMPLEMENTATION PROCESS -APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata “There are a variety of different risk perspectives you can use to design a threat model: adversary-centric, asset-centric, or software-centric. … The reason that a small, agile startup can devise elegant OPSEC measures, is the same reason that compartmentalizing your OPSEC procedures in an operation-centric point-of-view is effective.” Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
  • 20.
    HOW TO IMPLEMENTIN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
  • 21.
    HOW TO IMPLEMENTIN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
  • 22.
    IDENTITIES Usual Opsecrecommendation. Necessary sometimes, but extremely difficult to do right. An error means an advantage for the adversaries. Advice: avoid if possible. But if you cannot, Golden rule: avoid cross-contamination
  • 23.
  • 24.
    MINIMUM TOOLSET NEEDED Encryption Mail IM Phone Internet Minimum real world skillz
  • 25.
    ENCRYPTION Inherent flaws– once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 26.
    ENCRYPTION Inherent flaws– once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 27.
    ENCRYPTION Inherent flaws– once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 28.
    ENCRYPTION Inherent flaws– once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 29.
    E-MAIL Try toavoid it: metadata and the ID-ten-T problem. Avoid external providers: ProtonMail, LavaMail, Gmail PGP. If you use PGP, get a key bigger than 2048. IM with OTP is a much better option.
  • 30.
    IM Adium andPidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
  • 31.
    IM Adium andPidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
  • 32.
    TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
  • 33.
    TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
  • 34.
    PHONE Look, betternot to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
  • 35.
    PHONE Look, betternot to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
  • 36.
    REAL WORLD Don´ttry to impress people – don´t be impressed when approached by an stranger. What if we are required by LE? Have a travel laptop, travel phone, and lots of pennies in your pocket.
  • 37.
  • 38.
    CONCLUSIONS Opsec ishard – good news, no spy level is required. Let´s start educating ourselves and applying it by default. Over tools – meticulousness. Good Opsec is the one we can apply.
  • 39.
    QUESTIONS? Vicente Díaz Principal Security Analyst vicente.diaz@kaspersky.com @trompi