Central-VA-ISSA-Jan-2013-Meeting

The Human Aspect of Targeted/Apt Attacks

Looking at the human aspect of offensive cyber operations is one of the most interesting parts of a malware analyst’s day. Malware that was generated by an algorithm, such as a polymorphic PDF, is a little boring because you know you aren’t fighting against a human on the other side of the keyboard. However, when dealing with nation-state sponsored intrusions, or at least deliberate attacks against a specific group of people, it’s interesting to look at the different stages of the attack, from victim selection, to attack method, to what kind of data is exfiltrated.

Speaker: Alex Lanstein , Sr Engineer, FireEye

A senior engineer at FireEye, Alex handles a broad set of responsibilities including security research, engineering, and supporting unique customer requirements. Previous to working exclusively on the APT threat, he worked with the Microsoft Digital Crimes Unit to take down Rustock, and helped lead the takedowns of botnets such as Srizbi and Mega-D, significantly reducing worldwide spam. His research has been published by The Washington Post, The Register, and Cisco Systems. His areas of expertise include malware analysis, client-side exploits, and heuristic botnet detection.