All faces of on-line extortion (Gorazd Božič)
February 15th, 2016
Abstract:
2015 was the culmination of a simple and efficient criminal business model: extortion, whether via ransomware, sextortion or threats of DDoS attacks against companies that do most of their business on-line. Which cases were reported to SI-CERT during the year and what did we learn from them?
How to deal with ransomware, what were the common delivery methods, how is that related to exploit kits and where are the perpetrators? On the other hand, what does the simple social engineering behind sextortion attacks look like and where does the money go? And lastly: will the arrests of the DD4BC extortion group also mean that copycats like Armada Collective will at least temporarily disappear to ponder their future?
Bio:
Gorazd Božič is the Head of the Slovenian national Computer Emergency Response Team (SI-CERT), which was established in 1995. Between 2000 and 2008 Gorazd was the Chairman of the European CERT group TF-CSIRT, which brings together all known CERTs in the wider European region and provides the accreditation and certification programme for CERTs, the Trusted Introducer. Gorazd is involved in national awareness-raising programmes for cyber security and has been the Slovenian representative to the Management Board of ENISA, the European Network and Information Security Agency, since its formation in 2004.
While studying, Gorazd was involved in natural language processing and lexical analysis at the Jozef Stefan Institute and was the co-author of the software package OKUS used for text analysis. He was the sysadmin for VMS, Irix and SunOS systems in the lab, and Stoll's “Cuckoo's Egg” and the Mitnick story got him interested in network and information security.
Slides/Video/recordings: