SlideShare a Scribd company logo

Analogic Opsec 101

V
vicenteDiaz_KL

The document discusses operational security (OPSEC) best practices for security analysts. It warns that adversaries are not necessarily enemies and have varying levels of resources. It advises analysts to be wary of mass surveillance by agencies and to use encrypted communication tools. When meeting suspicious people, analysts should not go alone, plan an exit, and have a dead man's switch. At borders, analysts should be collaborative with officers but not consent to searches or help without a warrant. Overall the document stresses preparation, having alternatives, and maintaining discipline over relying solely on tools when doing their work.

Education
1 of 15
Download to read offline
OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
OPSEC AGAIN! WHY? 2 •  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules” Security Analyst Summit 2015
ADVERSARIES 3 •  Adversary != Enemy Resources vs No Resources Agencies The rest *.Mil Big Bad Boys Security Analyst Summit 2015 ProTip: Don´t let your PR feed these guys for free
MASS SURVEILLANCE 4 •  Good ROI for Agencies! •  They don´t like encryption •  PGP, ZRTP, OTR, TrueCrypt Security Analyst Summit 2015
MASS SURVEILLANCE 5 •  Some inherent problems •  And some non-technical problems Security Analyst Summit 2015
RECRUITMENT 6Security Analyst Summit 2015 •  Neglected approach ? •  Approaches and interaction. •  Move to termination.
TERMINATION 7Security Analyst Summit 2015 •  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.
SUSPICIOUS MEETINGS 8 •  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready. •  The trap might NOT be the meeting! Security Analyst Summit 2015
UNPLEASANT COMPANY 9 •  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach. •  Better: inform your people Security Analyst Summit 2015
BORDERS 10 •  If you consent a search, no warrant needed. •  Police can search your computer at the border without a warrant. •  Warrant limitations are ignored if they see something illegal while searching. •  You don´t have to help or answer questions. •  You cannot interfere or lie to an officer. Security Analyst Summit 2015
BORDERS – OUR ADVICE 11 •  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you. Security Analyst Summit 2015
EXTENDING OPSEC 12 Your company should provide you: •  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are going to. Security Analyst Summit 2015
13Security Analyst Summit 2015 Do your homework.
CONCLUSION 14 •  STFU. •  Discipline over tools. •  Preparation and alternatives. •  Don´t forget your role. Security Analyst Summit 2015
THANK YOU Dani Creus Vicente Díaz @them0ux @trompi

Recommended

Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
vicenteDiaz_KL
 
Click and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobileClick and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobile
grugq
 
An Underground education
An Underground educationAn Underground education
An Underground education
grugq
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
Clare Nelson, CISSP, CIPP-E
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligence
centralohioissa
 
Developing Software with Security in Mind
Developing Software with Security in MindDeveloping Software with Security in Mind
Developing Software with Security in Mind
sblom
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
EC-Council
 
It's Okay To Touch Yourself - DerbyCon 2013
It's Okay To Touch Yourself - DerbyCon 2013It's Okay To Touch Yourself - DerbyCon 2013
It's Okay To Touch Yourself - DerbyCon 2013
Ben Ten (0xA)
 

Recommended

Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
vicenteDiaz_KL
 
Click and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobileClick and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobile
grugq
 
An Underground education
An Underground educationAn Underground education
An Underground education
grugq
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
Clare Nelson, CISSP, CIPP-E
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligence
centralohioissa
 
Developing Software with Security in Mind
Developing Software with Security in MindDeveloping Software with Security in Mind
Developing Software with Security in Mind
sblom
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
EC-Council
 
It's Okay To Touch Yourself - DerbyCon 2013
It's Okay To Touch Yourself - DerbyCon 2013It's Okay To Touch Yourself - DerbyCon 2013
It's Okay To Touch Yourself - DerbyCon 2013
Ben Ten (0xA)
 
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE - ATT&CKcon
 
Enabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident responseEnabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident response
jeffmcjunkin
 
The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!
Frode Hommedal
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
centralohioissa
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
Ammar WK
 
Security for Human Beings
Security for Human BeingsSecurity for Human Beings
Security for Human Beings
zekivazquez
 
Machine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedMachine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wanted
Cyphort
 
Janitor vs cleaner
Janitor vs cleanerJanitor vs cleaner
Janitor vs cleaner
John Stauffacher
 
Internet security lessons for IoT
Internet security lessons for IoTInternet security lessons for IoT
Internet security lessons for IoT
Dirk Zittersteyn
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
EC-Council
 
Управление рисками: как перестать верить в иллюзии
Управление рисками: как перестать верить в иллюзииУправление рисками: как перестать верить в иллюзии
Управление рисками: как перестать верить в иллюзии
Positive Hack Days
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
HIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and ControlsHIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and Controls
Tony Gambacorta
 
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE - ATT&CKcon
 
Threat Intelligence Victory Garden
Threat Intelligence Victory GardenThreat Intelligence Victory Garden
Threat Intelligence Victory Garden
Ryan Kovar
 
Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To
IDERA Software
 
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
Alerting, Reminding, Reminding, Reminding And Releasing VulnerabilitiesAlerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
tmacuk
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin
 
Purple View
Purple ViewPurple View
Purple View
Haydn Johnson
 
Will there be an IT Risk Management 2.0?
Will there be an IT Risk Management 2.0?Will there be an IT Risk Management 2.0?
Will there be an IT Risk Management 2.0?
Luke O'Connor
 
OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackers
grugq
 
Smr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networkingSmr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networking
Fort Rucker FRSA
 

More Related Content

What's hot

MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE - ATT&CKcon
 
Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To
IDERA Software
 

What's hot (20)

MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
 
Enabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident responseEnabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident response
 
The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
 
Security for Human Beings
Security for Human BeingsSecurity for Human Beings
Security for Human Beings
 
Machine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedMachine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wanted
 
Janitor vs cleaner
Janitor vs cleanerJanitor vs cleaner
Janitor vs cleaner
 
Internet security lessons for IoT
Internet security lessons for IoTInternet security lessons for IoT
Internet security lessons for IoT
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
 
Управление рисками: как перестать верить в иллюзии
Управление рисками: как перестать верить в иллюзииУправление рисками: как перестать верить в иллюзии
Управление рисками: как перестать верить в иллюзии
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
 
HIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and ControlsHIMSS Summit of the Southeast: Compliance and Controls
HIMSS Summit of the Southeast: Compliance and Controls
 
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
 
Threat Intelligence Victory Garden
Threat Intelligence Victory GardenThreat Intelligence Victory Garden
Threat Intelligence Victory Garden
 
Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To
 
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
Alerting, Reminding, Reminding, Reminding And Releasing VulnerabilitiesAlerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004
 
Purple View
Purple ViewPurple View
Purple View
 
Will there be an IT Risk Management 2.0?
Will there be an IT Risk Management 2.0?Will there be an IT Risk Management 2.0?
Will there be an IT Risk Management 2.0?
 

Viewers also liked

Smr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networkingSmr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networking
Fort Rucker FRSA
 
Cyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineCyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_online
Ftlwood Families
 
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
Fatih Ozavci
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
qqlan
 
The Art of VoIP Hacking - Defcon 23 Workshop
The Art of VoIP Hacking - Defcon 23 WorkshopThe Art of VoIP Hacking - Defcon 23 Workshop
The Art of VoIP Hacking - Defcon 23 Workshop
Fatih Ozavci
 

Viewers also liked (11)

OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackers
 
Smr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networkingSmr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networking
 
Conley Group Opsec Presentation
Conley Group Opsec PresentationConley Group Opsec Presentation
Conley Group Opsec Presentation
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMEN
 
Cyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineCyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_online
 
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat SheetICS/SCADA/PLC Google/Shodanhq Cheat Sheet
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
 
VoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco PhonesVoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco Phones
 
VoIP Wars : Return of the SIP
VoIP Wars : Return of the SIP VoIP Wars : Return of the SIP
VoIP Wars : Return of the SIP
 
Try harder or go home
Try harder or go homeTry harder or go home
Try harder or go home
 
The Art of VoIP Hacking - Defcon 23 Workshop
The Art of VoIP Hacking - Defcon 23 WorkshopThe Art of VoIP Hacking - Defcon 23 Workshop
The Art of VoIP Hacking - Defcon 23 Workshop
 

Similar to Analogic Opsec 101

Deral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail LaterDeral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail Later
centralohioissa
 
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Alexandre Sieira
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident Response
Christopher Beiring
 
Implementing a Trade Show Intelligence program
Implementing a Trade Show Intelligence programImplementing a Trade Show Intelligence program
Implementing a Trade Show Intelligence program
TrainOurTroops.org
 
10 Critical Habits of Effective Security Managers
10 Critical Habits of Effective Security Managers10 Critical Habits of Effective Security Managers
10 Critical Habits of Effective Security Managers
Jack Nichelson
 
What Makes A Great Data Scientist?
What Makes A Great Data Scientist?What Makes A Great Data Scientist?
What Makes A Great Data Scientist?
Teradata Aster
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
Evan Francen
 
Above the Code Dreamit Ventures New York
Above the Code Dreamit Ventures New YorkAbove the Code Dreamit Ventures New York
Above the Code Dreamit Ventures New York
Alan Weinkrantz
 

Similar to Analogic Opsec 101 (20)

10 Critical Mistakes in Workplace Investigation Programs and How to Avoid Them
10 Critical Mistakes in Workplace Investigation Programs and How to Avoid Them10 Critical Mistakes in Workplace Investigation Programs and How to Avoid Them
10 Critical Mistakes in Workplace Investigation Programs and How to Avoid Them
 
Deral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail LaterDeral Heiland - Fail Now So I Don't Fail Later
Deral Heiland - Fail Now So I Don't Fail Later
 
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
 
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
Reverse Engineering the Wetware: Understanding Human Behavior to Improve Info...
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident Response
 
58th ICCA Congress | Cyber Security
58th ICCA Congress | Cyber Security58th ICCA Congress | Cyber Security
58th ICCA Congress | Cyber Security
 
Implementing a Trade Show Intelligence program
Implementing a Trade Show Intelligence programImplementing a Trade Show Intelligence program
Implementing a Trade Show Intelligence program
 
Problem Exploration for Lean Startups
Problem Exploration for Lean StartupsProblem Exploration for Lean Startups
Problem Exploration for Lean Startups
 
Accident investigation BY Muhammad Fahad Ansari 12IEEM14
Accident investigation BY Muhammad Fahad Ansari 12IEEM14Accident investigation BY Muhammad Fahad Ansari 12IEEM14
Accident investigation BY Muhammad Fahad Ansari 12IEEM14
 
What's it like to be in a LikeMIND™ session?
What's it like to be in a LikeMIND™ session?What's it like to be in a LikeMIND™ session?
What's it like to be in a LikeMIND™ session?
 
The LikeMIND™ experience
The LikeMIND™ experienceThe LikeMIND™ experience
The LikeMIND™ experience
 
Hard won lessons on an 18 year rollercoaster ride - Nic Lawrence.pdf
Hard won lessons on an 18 year rollercoaster ride - Nic Lawrence.pdfHard won lessons on an 18 year rollercoaster ride - Nic Lawrence.pdf
Hard won lessons on an 18 year rollercoaster ride - Nic Lawrence.pdf
 
HR Webinar: Unraveling HR Investigations: They don’t have to be a mystery
HR Webinar: Unraveling HR Investigations: They don’t have to be a mysteryHR Webinar: Unraveling HR Investigations: They don’t have to be a mystery
HR Webinar: Unraveling HR Investigations: They don’t have to be a mystery
 
L1 1.1 10 things you need to know before doing your own qualitative research
L1 1.1 10 things you need to know before doing your own qualitative researchL1 1.1 10 things you need to know before doing your own qualitative research
L1 1.1 10 things you need to know before doing your own qualitative research
 
2012 777 The Seven Blind Spots in Business and How to Prevent Them
2012 777 The Seven Blind Spots in Business and How to Prevent Them2012 777 The Seven Blind Spots in Business and How to Prevent Them
2012 777 The Seven Blind Spots in Business and How to Prevent Them
 
10 Critical Habits of Effective Security Managers
10 Critical Habits of Effective Security Managers10 Critical Habits of Effective Security Managers
10 Critical Habits of Effective Security Managers
 
What Makes A Great Data Scientist?
What Makes A Great Data Scientist?What Makes A Great Data Scientist?
What Makes A Great Data Scientist?
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
 
WTM Fresh - Timothy O'Neil-Dunne Notes for the field
WTM Fresh - Timothy O'Neil-Dunne Notes for the fieldWTM Fresh - Timothy O'Neil-Dunne Notes for the field
WTM Fresh - Timothy O'Neil-Dunne Notes for the field
 
Above the Code Dreamit Ventures New York
Above the Code Dreamit Ventures New YorkAbove the Code Dreamit Ventures New York
Above the Code Dreamit Ventures New York
 

Recently uploaded

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 

Recently uploaded (20)

ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 

Analogic Opsec 101

  • 1. OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
  • 2. OPSEC AGAIN! WHY? 2 •  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules” Security Analyst Summit 2015
  • 3. ADVERSARIES 3 •  Adversary != Enemy Resources vs No Resources Agencies The rest *.Mil Big Bad Boys Security Analyst Summit 2015 ProTip: Don´t let your PR feed these guys for free
  • 4. MASS SURVEILLANCE 4 •  Good ROI for Agencies! •  They don´t like encryption •  PGP, ZRTP, OTR, TrueCrypt Security Analyst Summit 2015
  • 5. MASS SURVEILLANCE 5 •  Some inherent problems •  And some non-technical problems Security Analyst Summit 2015
  • 6. RECRUITMENT 6Security Analyst Summit 2015 •  Neglected approach ? •  Approaches and interaction. •  Move to termination.
  • 7. TERMINATION 7Security Analyst Summit 2015 •  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.
  • 8. SUSPICIOUS MEETINGS 8 •  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready. •  The trap might NOT be the meeting! Security Analyst Summit 2015
  • 9. UNPLEASANT COMPANY 9 •  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach. •  Better: inform your people Security Analyst Summit 2015
  • 10. BORDERS 10 •  If you consent a search, no warrant needed. •  Police can search your computer at the border without a warrant. •  Warrant limitations are ignored if they see something illegal while searching. •  You don´t have to help or answer questions. •  You cannot interfere or lie to an officer. Security Analyst Summit 2015
  • 11. BORDERS – OUR ADVICE 11 •  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you. Security Analyst Summit 2015
  • 12. EXTENDING OPSEC 12 Your company should provide you: •  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are going to. Security Analyst Summit 2015
  • 13. 13Security Analyst Summit 2015 Do your homework.
  • 14. CONCLUSION 14 •  STFU. •  Discipline over tools. •  Preparation and alternatives. •  Don´t forget your role. Security Analyst Summit 2015
  • 15. THANK YOU Dani Creus Vicente Díaz @them0ux @trompi