
ADVANCED PERSISTENT THREAT (APT) against U. S. Business, Education and Government IT Installations

By Tom Madden, Chief Information Security Officer, Centers for Disease Control and Prevention.


Presentation Transcript


  1. ADVANCED PERSISTENT THREAT (APT) against U. S. Business, Education and Government IT Installations By Tom Madden, Chief Information Security Officer, Centers for Disease Control and Prevention

  2. BACKGROUND • 34 years with the federal government • 27 years involved in cyber security (was cyber security when cyber security wasn’t cool) • 18 years in the nuclear weapons program • Became CDC’s first CISO in 2003 • Entered the Senior Executive Service in 2008 • Most memorable quote from a JSU Professor in 1983 • Proud double alum of Jacksonville State University

  3. Participated in the National Critical Infrastructure Intelligence Committee with DNI, CIA, DIA, and FBI among others to determine national threat priorities

  4. TWO MODELS • Two fundamental models of attack after very different data • A third model encompasses the conventional hacker who has different motives than the APT model • Rarely coordinated • Generally small in scope • Cannot be ignored

  5. EUROPEAN MODEL • Resembles a crime syndicate • Targets financial institutions and other movers of money • Extreme Stealth • Leave very little behind • Not well understood

  6. ASIAN MODEL • Extremely well organized • Not after money – after data – any data • Appears to be state sponsored • Uses K-12 and large university systems as “drops” • If not caught in the act (.rar 443) almost impossible to detect (needle in haystack)

  7. WHAT CAN YOU (WE) DO • Education – education – education • Teach developers security (cross-site scripting and SQL injection almost always present) • Scan apps in development • Harden domain controllers • Two-factor authentication for all elevated actions

  8. SOCIAL ENGINEERING THAT WORKS • The conference approach – use hospitality • The birthday approach • Common interests • Visitor out smoking at the back door • Service and repair

  9. QUESTIONS and DISCUSSION • A word about jobs!!! • ADVANCED PERSISTENT THREAT (APT) against U. S. Business, Education and Government IT Installations • Tom Madden • 770-488-8666 • aqt6@cdc.gov
