How to Fight an APT attack - Identifying and Responding to a visit from China

Presented at ISSAinternationalcon 2014 by

This presentation is an actual case study of an advanced attack that originated from China and breached a client’s network. We will do a step-by-step review of how the original malware was discovered, the different types of malware used, how we identified the extent of the breach, how the remediation was planned, and how the malware was removed. We will discuss what went right and the mistakes that were made during the process. We will also discuss the open source and commercial tools used during the detection and remediation process.