ZeroFOX’s Chief Strategy Officer, Shane Shook PhD, will be the featured speaker at ENTELEC 2015 speaking on “Monkey see/Monkey do… Overlapping TTP’s and the problem of attribution.”
The presentation will focus on the reuse of common TTP’s (tools, tactics, and procedures) exhibited in “Advanced Persistent Threat” activities of the past several years – and the challenges that commonality poses for attribution. Examples of notorious/sensational attacks including “Shamoon”, “DarkSeoul”, “Operation Cleaver”, “Fin4”, and others will be provided with details of the TTP’s and their similarities (and difference). Insights from investigations will be provided about attempts to attribute actors to activities in such cases, and the open questions that remain. Particular attention will be paid to distinguishing indicators of attack from compromise activities (IOA vs. IOC) in order to help organizations understand related risks, types of actors involved, and methods/tools to impede or react to such indicators. Learn more about the full conference here.