DeepSec 2016 Talk: Unveiling Patchwork – Gadi Evron
Nation state attacks are very popular – in the news and in reality. High gain, low profile, maximum damage. From an information security point of view it is always very insightful to study the anatomy of these attacks once they are known. Looking at the ways components fail and the methods adversaries use to their own advantage, and thinking of possible remedies, strengthens your defence. At DeepSec 2016 Gadi Evron will share knowledge about an operation that went after government systems all around the world.
Patchwork is a highly successful nation state targeted attack operation, which infected approximately 2,500 high-value targets such as governments, worldwide. It is the first targeted threat captured using a commercial cyber deception platform. In his talk Gadi Evron will share how deception was used to catch the threat actor, and later on secure their second stage malware and lateral movement activity. Examining this threat actor is especially interesting as on the one hand it displayed an extremely sophisticated intelligence and operational capability, carefully choosing targets, successfully compromising them, and scaling the operation, while on the other hand, technologically their toolset is built like a patchwork quilt, a combination of snippets of code taken from various online forums and from GitHub that any kid off the street could build.
Patchwork is not a hypothetical attack. It already happened, and it is real. We recommend this presentation to anyone involved in defending networks and systems. Learn from actual incidents.
Gadi is the Founder and CEO of Cymmetria, a cyber security startup that is pioneering the space of cyber deception. He is also Founder and Chairman of the Board of the Israeli CERT, Founding Chairman of the Cyber Threat Intelligence Alliance (CTIA), and Founder of the Israeli Government CERT. Gadi is widely recognized for his work in Internet security operation and global incident response, and is considered the first botnet expert.
Prior to founding Cymmetria, Gadi was VP of Cybersecurity Strategy for Kaspersky Lab, led PwC’s Cyber Security Center of Excellence (located in Israel), and was CISO of the Israeli government’s Internet operations. He has authored two books on the topic of information security, organizes global professional working groups, chairs worldwide conferences, and is a