90 likes | 264 Views
ADVANCED PERSISTENT THREAT (APT) against U. S. Business, Education and Government IT Installations. By Tom Madden, Chief Information Security Officer, Centers for Disease Control and Prevention. BACKGROUND. 34 years with the federal government
E N D
ADVANCED PERSISTENT THREAT (APT) against U. S. Business, Education and Government IT Installations By Tom Madden, Chief Information Security Officer, Centers for Disease Control and Prevention
BACKGROUND • 34 years with the federal government • 27 years involved in cyber security (was cyber security when cyber security wasn’t cool) • 18 years in the nuclear weapons program • Became CDC’s first CISO in 2003 • Entered the Senior Executive Service in 2008 • Most memorable quote from a JSU Professor in 1983 • Proud double alum of Jacksonville State University
Participated in the National Critical Infrastructure Intelligence Committee with DNI, CIA, DIA, and FBI among others to determine national threat priorities
TWO MODELS • Two fundamental models of attack after very different data • A third model encompasses the conventional hacker who has different motives than the APT model • Rarely coordinated • Generally small in scope • Cannot be ignored
EUROPEAN MODEL • Resembles a crime syndicate • Targets financial institutions and other movers of money • Extreme Stealth • Leave very little behind • Not well understood
ASIAN MODEL • Extremely well organized • Not after money – after data – any data • Appears to be state sponsored • Uses K-12 and large university systems as “drops” • If not caught in the act (.rar 443) almost impossible to detect (needle in haystack)
WHAT CAN YOU (WE) DO • Education – education – education • Teach developers security (cross site scripting and sql injection almost always present) • Scan apps in development • Harden domain controllers • Two factor authentication for all elevated actions
SOCIAL ENGINEERING THAT WORKS • The conference approach – use hospitality • The birthday approach • Common interests • Visitor out smoking at the back door • Service and repair
QUESTIONS and DISCUSSION • A word about jobs!!! • ADVANCED PERSISTENT THREAT (APT) against U. S. Business, Education and Government IT Installations • Tom Madden • 770-488-8666 • aqt6@cdc.gov