Investigating and defending against Malware Operations
|Presenter(s)|Etienne Maynier & Bill Marczak|
|Title(s)|Mozilla/Ford Fellow & Senior Researcher|
|Social media|@tenacioustek & @billmarczak|
|2017 theme|Tools & Technology|
This session aims to present an update on malware campaigns and to start a conversation about how to address targeted attacks on civil society groups.
In the first part of the session (40 mins), we will provide an overview of recent trends in malware operations against civil society groups, including an in-depth walkthrough of recent investigations into espionage campaigns targeting groups in the Tibetan diaspora. The objective of this session will be to show what can be learned from these investigations, how the resulting data can aid network defenders and security trainers, and finally the gaps that persist in securing civil society.
The second part of the session (20 mins) will be an open discussion on how to improve civil society information security and the role of focused research. Topics that will be addressed include: improving network intrusion detection, increasing collaboration between researchers and at-risk groups, and addressing systemic resource and knowledge gaps. The focus will be on long-term security strategies rather than short-term "rapid response" tactics.