Prime Time Cyber Heists – Reporting from the Trenches!

THOTCON 0x7

Presented by: Jibran Ilyas
Date: Thursday May 05, 2016
Time: 14:30 - 14:55
Location: Turbo Room
Track: Track 2

In this era of Advanced Persistent Threats (APT), organizations have increased spending on IT security, but for the most part, it has not proven to be fully effective against sophisticated attacks. In the recent past, we have witnessed large data breaches at major companies causing the loss of Intellectual Property or consumer PII (Personally Identifiable Information). As the Security Program matures for high profile companies, the motivated attackers also adjust their Techniques, Tactics and Procedures (TTPs) for the perfect heist. This session will contain a case study of a data breach where attackers didn’t find the need of malware for persistent communication channel, and used WMI and Powershell to carry out a successful data extraction mission. The lessons learned from the trenches as the lead investigator of several high profile breaches will be shared in this session, which shall result in actionable takeaways to improve the security posture and response capabilities of your organization. A live demo will also be shown to illustrate the new age attacks.

Jibran Ilyas

Jibran Ilyas is a Director of Global Incident Response at Stroz Friedberg. He leads the development of Threat Hunting capabilities, mainly the hunt for Advanced Persistent Threats (APT) and Point of Sale (POS) adversaries. He contributes to the innovation in incident response methodology and the development of in-house tools to improve efficiency. He serves as one of the firm’s investigative leads for high profile data breaches and leverages the experience in the field to the benefit of organizations seeking proactive risk assessments. Jibran is also an Adjunct Faculty at Northwestern University teaching their first ever Digital Forensics course.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats