SlideShare a Scribd company logo

China all up in your business: Annoying Persistant Threat - Dave Ockwell-Jenner (OWASP Ottawa)

OWASP Ottawa
OWASP Ottawa

Dave Ockwell-Jenner explains the common cyber espionage techniques used by the "comment crew" (APT1). A video of his excellent demo can be found here https://www.youtube.com/watch?v=2rJ2tHeb5yQ

TechnologyBusiness
1 of 8
About Me • Senior Security Architect for SITA – IT & Communications specialists for the Air Transport Industry – Created and manage software security program • Owner of Prime Information Security – Boutique security consultancy specializing in small-medium enterprise • Previously worked with RIMBlackBerry, TELUS, Nortel • And… – Creator of the 37th ever web site! – Blogger for TELUS – Co-Author of SANS course Developing Defensible Java EE Solutions – Co-Founder of the Small Business Community Network (SBCN) – House DJ and Producer
Hunting Wabbits • Tracking Evil Bad Guys™ for the past several years – Looking at intrusion techniques, malware and exfiltration – The so-called ‘Advanced Persistent Threat’ • Not so much ‘Advanced’ but ‘Annoying’ • APT1 – Digital forensics firm MANDIANT recently claimed well-known hacking group to be an office of the Chinese People’s Liberation Army (PLA) – I may or may not have some experience with our Chinese friends!
How Advanced, is Advanced? • If I can understand it, it’s not very advanced – The organization and effectiveness is clever, but the techniques are something we can all understand • Why don’t we take a look at a recreation of an actual attack? – In time-honoured Looney Tunes tradition, we’ll use a fictional company called ACME, makers of…
Demo: Rules of Engagement • Please keep in mind, what you’re about to see and hear is for educational purposes ONLY • Please ask lots of questions • If something doesn’t work, it has nothing to do with my awesome talent… … it’s clearly a hardware problem
ACME Labs
What did we learn? • Simple malware is really easy to make and yet quite effective – Malware is really easy to hide from AV • Once compromised, it’s pretty trivial to snoop around further and steal loot – But we can make it more difficult • Our web sites & apps might be a hiding place for command/control of infected systems – So make sure our sites/apps are secured—see OWASP!
Thanks! doj@primeinfosec.com @daveoj mixcloud.com/daveoj

Recommended

10 things to teach end users
10 things to teach end users10 things to teach end users
10 things to teach end usersProgressive Integrations
 
Introduction to Raspberry Pi
Introduction to Raspberry PiIntroduction to Raspberry Pi
Introduction to Raspberry PiCyberGuider IT Services Inc.
 
Internet Safety tips for Parents of Christian Children
Internet Safety tips for Parents of Christian ChildrenInternet Safety tips for Parents of Christian Children
Internet Safety tips for Parents of Christian Childrennickswebtsv
 
Personal security
Personal securityPersonal security
Personal securityDirectorate of Information Security | Ditjen Aptika
 
Anti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceAnti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net Presencegueste0b5fe
 
How to secure a safe teleworking environment
How to secure a safe teleworking environment How to secure a safe teleworking environment
How to secure a safe teleworking environment LCpublicrelations
 
Does your Data have Super-Powers?
Does your Data have Super-Powers?Does your Data have Super-Powers?
Does your Data have Super-Powers?Rob Levey
 
Internet security
Internet securityInternet security
Internet securityMohammed Adam
 

Recommended

10 things to teach end users
10 things to teach end users10 things to teach end users
10 things to teach end usersProgressive Integrations
 
Introduction to Raspberry Pi
Introduction to Raspberry PiIntroduction to Raspberry Pi
Introduction to Raspberry PiCyberGuider IT Services Inc.
 
Internet Safety tips for Parents of Christian Children
Internet Safety tips for Parents of Christian ChildrenInternet Safety tips for Parents of Christian Children
Internet Safety tips for Parents of Christian Childrennickswebtsv
 
Personal security
Personal securityPersonal security
Personal securityDirectorate of Information Security | Ditjen Aptika
 
Anti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceAnti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net Presencegueste0b5fe
 
How to secure a safe teleworking environment
How to secure a safe teleworking environment How to secure a safe teleworking environment
How to secure a safe teleworking environment LCpublicrelations
 
Does your Data have Super-Powers?
Does your Data have Super-Powers?Does your Data have Super-Powers?
Does your Data have Super-Powers?Rob Levey
 
Internet security
Internet securityInternet security
Internet securityMohammed Adam
 
An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In LibrariesBlake Carver
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchersvicenteDiaz_KL
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented DefenceSensePost
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
Information Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesInformation Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesReliaQuest
 
terry-gilsenan-pie-operating.10433
terry-gilsenan-pie-operating.10433terry-gilsenan-pie-operating.10433
terry-gilsenan-pie-operating.10433Terry Gilsenan
 
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNetworking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNorth Texas Chapter of the ISSA
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Claus Cramon Houmann
 
Best Ethical Hacking Training By Bhavesh Dewasi
Best Ethical Hacking Training By Bhavesh DewasiBest Ethical Hacking Training By Bhavesh Dewasi
Best Ethical Hacking Training By Bhavesh DewasiBhavesh Dewasi
 
Incorporating Threat Intelligence into Your Enterprise Communications Systems...
Incorporating Threat Intelligence into Your Enterprise Communications Systems...Incorporating Threat Intelligence into Your Enterprise Communications Systems...
Incorporating Threat Intelligence into Your Enterprise Communications Systems...EC-Council
 
Next generation pentest your company cannot buy
Next generation pentest your company cannot buyNext generation pentest your company cannot buy
Next generation pentest your company cannot buyVlad Styran
 
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...UISGCON
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON
 
Ten lessons I painfully learnt while moving from software developer to entrep...
Ten lessons I painfully learnt while moving from software developer to entrep...Ten lessons I painfully learnt while moving from software developer to entrep...
Ten lessons I painfully learnt while moving from software developer to entrep...Wojciech Seliga
 
Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...Robi Sen
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Claus Cramon Houmann
 
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...Claus Cramon Houmann
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglyAlgoSec
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 

More Related Content

Similar to China all up in your business: Annoying Persistant Threat - Dave Ockwell-Jenner (OWASP Ottawa)

An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In LibrariesBlake Carver
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchersvicenteDiaz_KL
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented DefenceSensePost
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
Information Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesInformation Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesReliaQuest
 
terry-gilsenan-pie-operating.10433
terry-gilsenan-pie-operating.10433terry-gilsenan-pie-operating.10433
terry-gilsenan-pie-operating.10433Terry Gilsenan
 
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNetworking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNorth Texas Chapter of the ISSA
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Claus Cramon Houmann
 
Best Ethical Hacking Training By Bhavesh Dewasi
Best Ethical Hacking Training By Bhavesh DewasiBest Ethical Hacking Training By Bhavesh Dewasi
Best Ethical Hacking Training By Bhavesh DewasiBhavesh Dewasi
 
Incorporating Threat Intelligence into Your Enterprise Communications Systems...
Incorporating Threat Intelligence into Your Enterprise Communications Systems...Incorporating Threat Intelligence into Your Enterprise Communications Systems...
Incorporating Threat Intelligence into Your Enterprise Communications Systems...EC-Council
 
Next generation pentest your company cannot buy
Next generation pentest your company cannot buyNext generation pentest your company cannot buy
Next generation pentest your company cannot buyVlad Styran
 
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...UISGCON
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON
 
Ten lessons I painfully learnt while moving from software developer to entrep...
Ten lessons I painfully learnt while moving from software developer to entrep...Ten lessons I painfully learnt while moving from software developer to entrep...
Ten lessons I painfully learnt while moving from software developer to entrep...Wojciech Seliga
 
Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...Robi Sen
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Claus Cramon Houmann
 
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...Claus Cramon Houmann
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglyAlgoSec
 

Similar to China all up in your business: Annoying Persistant Threat - Dave Ockwell-Jenner (OWASP Ottawa) (20)

An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented Defence
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015
 
Information Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesInformation Security: Advanced SIEM Techniques
Information Security: Advanced SIEM Techniques
 
terry-gilsenan-pie-operating.10433
terry-gilsenan-pie-operating.10433terry-gilsenan-pie-operating.10433
terry-gilsenan-pie-operating.10433
 
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin DunnNetworking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
Networking 2016-06-14 - The Dirty Secrets of Enterprise Security by Kevin Dunn
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2
 
Best Ethical Hacking Training By Bhavesh Dewasi
Best Ethical Hacking Training By Bhavesh DewasiBest Ethical Hacking Training By Bhavesh Dewasi
Best Ethical Hacking Training By Bhavesh Dewasi
 
Incorporating Threat Intelligence into Your Enterprise Communications Systems...
Incorporating Threat Intelligence into Your Enterprise Communications Systems...Incorporating Threat Intelligence into Your Enterprise Communications Systems...
Incorporating Threat Intelligence into Your Enterprise Communications Systems...
 
Next generation pentest your company cannot buy
Next generation pentest your company cannot buyNext generation pentest your company cannot buy
Next generation pentest your company cannot buy
 
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
Владимир Стыран - Пентест следующего поколения, который ваша компания не може...
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?
 
Ten lessons I painfully learnt while moving from software developer to entrep...
Ten lessons I painfully learnt while moving from software developer to entrep...Ten lessons I painfully learnt while moving from software developer to entrep...
Ten lessons I painfully learnt while moving from software developer to entrep...
 
Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...Everything is not awesome: The rising threat of Cyber-attack and what to do a...
Everything is not awesome: The rising threat of Cyber-attack and what to do a...
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information security
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015
 
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
Thought Leader Global 2014 Amsterdam: Taking Security seriously -> Going beyo...
 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the Ugly
 

Recently uploaded

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 

Recently uploaded (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 

China all up in your business: Annoying Persistant Threat - Dave Ockwell-Jenner (OWASP Ottawa)

  • 1.
  • 2. About Me • Senior Security Architect for SITA – IT & Communications specialists for the Air Transport Industry – Created and manage software security program • Owner of Prime Information Security – Boutique security consultancy specializing in small-medium enterprise • Previously worked with RIMBlackBerry, TELUS, Nortel • And… – Creator of the 37th ever web site! – Blogger for TELUS – Co-Author of SANS course Developing Defensible Java EE Solutions – Co-Founder of the Small Business Community Network (SBCN) – House DJ and Producer
  • 3. Hunting Wabbits • Tracking Evil Bad Guys™ for the past several years – Looking at intrusion techniques, malware and exfiltration – The so-called ‘Advanced Persistent Threat’ • Not so much ‘Advanced’ but ‘Annoying’ • APT1 – Digital forensics firm MANDIANT recently claimed well-known hacking group to be an office of the Chinese People’s Liberation Army (PLA) – I may or may not have some experience with our Chinese friends!
  • 4. How Advanced, is Advanced? • If I can understand it, it’s not very advanced – The organization and effectiveness is clever, but the techniques are something we can all understand • Why don’t we take a look at a recreation of an actual attack? – In time-honoured Looney Tunes tradition, we’ll use a fictional company called ACME, makers of…
  • 5. Demo: Rules of Engagement • Please keep in mind, what you’re about to see and hear is for educational purposes ONLY • Please ask lots of questions • If something doesn’t work, it has nothing to do with my awesome talent… … it’s clearly a hardware problem
  • 7. What did we learn? • Simple malware is really easy to make and yet quite effective – Malware is really easy to hide from AV • Once compromised, it’s pretty trivial to snoop around further and steal loot – But we can make it more difficult • Our web sites & apps might be a hiding place for command/control of infected systems – So make sure our sites/apps are secured—see OWASP!