Las Vegas, NV
Team Norway was in Las Vegas last week for Black Hat, the internationally recognized cyber-security event series providing the most technical and relevant information in security research. The conference provides a forum to discuss the needs of the global security community, striving to bring together the best minds in the industry. The team attended numerous seminars and walked the floor to understand what the cyber security are focusing on, what may be relevant to our Norwegian community and discuss potential future threats.
Amir Landau’s (CyberArk) seminar on the Russia/Ukraine war hacking scandals focused on the Conti leak in the early days of the war. The significance of the attack was the human driven nature of the process. The organization used psychological techniques, namely that members were unaware of the ‘big picture’, to generate thousands of dollars a month (approximately $164,000). The attacks were designed to target privileges and personally evade those being hacked, which was the essential pattern of the Conti group. Landau stated they were simply a “evil, well managed group, segregated in nature but grew off one-day vulnerability”. There was no doubt that the human driven element was the most concerning aspect of the attack. After all, “the most vulnerable thing in any security is the human element” (Revers).
AT&T Labs also hosted a relevant discussion on “Finding the Needle: Threat Intelligence in the Era of Big Data”. There is no doubt threat intelligence has become a big data problem and accuracy has become critical, but so is the speed at which security intelligence is operationalized. AT&T’s Santiago Cortes outlined the pyramid of threat which companies should look to address in their own cyber-security structure. These include indicators of compromise, higher order threat indicators and TPPs. The main takeaway of the seminar was that companies must remain agnostic, diligent, and frequently update their systems to maximize protection.
Black Hat proved to be a highly informative conference and we would encourage our members to consider attending next year. For further information on the conference please follow this link.