Does a BEAR Leak in the Woods? What the DNC breach, Guccifer and Russian APT’s have taught us about attribution analysis

Management (801B) November 14, 2017 2:40 pm - 3:40 pm Feedback     

Bookmark and Share

Toni Gidwani

The June 2016 revelations of the DNC breach by two Russia-based advanced persistent threat groups was only the beginning of a series of strategic leaks and conflicting attribution claims. In this presentation we’ll demonstrate techniques used to identify additional malicious infrastructure, evaluate the validity of “faketivists” like the Guccifer 2.0 persona, and strengths and gaps in the attribution analysis. It will highlight how to integrate different tools and sources of information (vendor agnostic) in a way that security practitioners can use in their own organizations.