6. Offensive usage of malware
ENERGY & INFRA Financial MEDICAL MOBILE Defense
7. Offensive usage of malware
Why malware?
• low profile during preparation
• many options to spread / infect
• many ways to hide
• self destruct mechanism
• many ways to transfer data to
8. Offensive usage of malware
• More and more discovery of malware frameworks
• Multiple modules / components
• Written by pros – sponsored by nations
9. Offensive - What’s Different?
Development:
• Nation-States
• Truly customized payloads
Delivery:
• Zero day propagation
• Multi-vectored: Bluetooth, USB, network
Detection:
• Digitally signed with compromised certificates
Command & Control:
• Central command
• Modular payloads
• Outbound exfiltration masking
Intent:
• Surveillance
• Disrupt / Destroy
41. Final thoughts......
An Intel company
- Incidents happen
- Is forensic & malware readiness on your agenda?
- What needs to be changed in your process?
- Is your {army-unit/company/agency/etc} prepared?
- Did you separate critical infrastructures?
- Can we help you?
42. Thank you!
Keep in touch:
Email: Christiaan_Beek@McAfee dot com
Twitter: @FSEMEA @Foundstone @ChristaanBeek