Cyber false flags and adversarial counterintelligence, oh my…

DerbyCon 9.0 - Finish Line

Presented by: Jacob Williams
Date: Friday September 06, 2019
Time: 17:00 - 17:45
Location: Track 3

So you’ve performed the investigation and attribution is complete. Or is it? Attackers are becoming more advanced every day. And with that sophistication comes the desire to pin their attacks on others to cover their tracks. Earlier this year, the we observed the first kinetic response to an alleged cyberattack. But what if the attribution were wrong? That’s not as far-fetched as some might think. In the Olympic Destroyer attacks, it’s now clear that Russia tried to confuse analysts into believing it was North Korea. In this talk, someone who’s been on both sides of the keyboard will examine how attackers might conduct false flag attacks, case studies where it’s happened, and how you can avoid being duped into performing an inaccurate attribution.

Jacob Williams

Jake Williams is the founder of Rendition Infosec, IANS faculty, and a former NSA hacker (as endorsed by Russian intelligence operatives). He performs research on incident response and red team operations, as well as cyber threat intelligence. Jake uses his passion for information security and business experience to translate complex topics into formats that are easily digestible by those without a technical background.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats