2021-10-14, 17:00–17:10, The Point
Despite several thousand companies in the security space doing everything from PR to deep
packet inspection and threat intelligence, the internet is still very much lawless, international
waters. Largely because policymakers and elected officials just "aren’t computer people" and
are woefully underprepared to deal with highly technical topics. Add to this that most
organizations do not actually do much real security - they only do whatever their corporate
compliance legally requires, and few companies do anything more. The result of this
arrangement is that ransomware gangs and other flavors of attackers can do whatever they
want with impunity - and they're getting creative about it. In this presentation we'll cover some
of the threat landscape we've seen in recent years, and what businesses and governments are
doing to stay on top of things.
This is a high-level talk about the colorful antics that attackers are getting up to outside of the typical "phish-to-ransomware" approach that has become popular in the last few years. The bar isn't going up, exactly, but more like the bar is getting wider. Attackers are employing interesting and colorful tactics and these sorts of behaviors typically fall outside of the comfort-zone of defenders, as they will involve things like sim cloning, DNS attacks, theft of cookies and taking advantage of lax business logic and misconfigurations to avoid triggering sensors by using actual exploits, or doing things like classical scan-and-attack techniques. Defenders will get an idea of some of the new tricks attackers are deploying, and attackers may learn some new tricks!