Using Hackers' Own Methods & Tools to Defeat Persistent Adversaries

No ratings

Presented at BsidesConnecticut 2014 by

Michael Davis

In today’s world of advanced cyber threats, security professionals need to implement new methods and strategies to gain the upper hand in protecting their business. Thinking like an attacker isn't really good enough. However, incorporating hacker methodologies & tools will give security teams the situational awareness and intelligence needed to respond quickly to new & previously unknown threats. The security industry is changing. For some, it’s a good thing, and for others, they're watching their antiquated ways of failing to prevent exploits become irrelevant for smart security teams. Why? For starters, attackers are eating traditional technologies for breakfast. Hackers are more sophisticated, and already have volumes of intel on you and your company, including the technologies deployed to defend your infrastructure. Second, it’s becoming increasingly more difficult to simply rely on ‘building a bigger wall,’ because you cannot defend against persistency. A fundamentally different security mindset is needed to address well-organized, well-funded, and sophisticated attackers who focus squarely on circumventing your defenses. This includes using attacker technology and tools against the attackers, incorporating the same stealth techniques that attackers use into your defenses, leveraging forensics at the point of attack to understand what you are dealing with, and using analytics to understand attacker behavior to draw conclusions on specific areas of your systems that require attention.