#BsidesSF session on with Richard B. and T of Mandiant covered a lot of very interesting points. Specifically covered APT, China, Seriousness of attacks, marketing FUD, and kinetic vs cyber war fare. I posted messages as they came up during the meeting and have copied them below in their entirety.
. One man artisans are not posting high-res graphics b/c of copied versions appearing .. all lvls of biz at risk #BsidesSF #RSAC 10 minutes ago via TweetDeck
. RT @ira_victor: #BSidesSF: many attax not persitant, Chinese malware dies when plug pulled. They like PlausDeniability #RSAC 16 minutes ago via Tweet
. The technology that the developing world governments want to acquire is sitting around the U.S. and other countries #BsidesSF 17 minutes ago via TweetDeck
. Are DDoS attacks serious attacks .. ala APT? .. Sure.. since “advanced” definition matches safeguards seriuosness @bsidesSF #RSAC 25 minutes ago via TweetDeck
. “advanced” is the level required to exploit and defeat security systems #BsidesSF <– attacks do not need to be complex to work 26 minutes ago via TweetDeck
. RT @mirmirage: Hacked BBC streaming sites serve up malware http://reg.cx/1MP6 #security #RSAC <– 1. Identify big usr base 2. Add malware 30 minutes ago via TweetDeck
. RT @chenxiwang: There are much easier compnts to attck in a sys than going after the Crypto system. #RSAC <– Req residual risk visibility 32 minutes ago via TweetDeck
. #BsidesSF panel is a great blend of research based responses and a roasting of companies w/ poor PR / marketing 34 minutes ago via TweetDeck
. About 50 commercial victims to cyberattack were seen by Mandian. A large # was utilities. #bsideSsf 39 minutes ago via Echofon
. Panel: u have to have some level of respect to what is being executed by china. They are getting same quality of SigInt as U.S. #bsideSsf 40 minutes ago via Echofon
. Our culture is an affront on Chinese “network sovereignty”, such as Justin Bieber. #bsideSsf panel on #cyberwar 42 minutes ago via Echofon
Chinese believe we are already in a #cyberwar and that the U.S started it. #bsideSsf panel 44 minutes ago via Echofon
Expanded thoughts to consider also include:
The concept of APT and Advanced attacks is glamorous, but upon review it is commonly found that ‘simple’ attacks were the root cause of the breach. Caution should be applied that an attack and a breach are just that – respect the past and the simple attacks, while managing the more complex approaches to espionage and data level attacks.
What is valuable?
The technology that the developing world governments want to acquire is sitting around the U.S. and other countries undefended and exposed. Simpler to leap frog by building from these established systems (read: Utility companies, Manufacturing, etc…)
Great discussions and activity only wish could capture more of the discussions,
James DeLuccia IV