Crimeware Attribution

*This training qualifies for the 2+2 promotion!

Course Description

It is more important to understand the 'who' and 'why' behind any intrusion within your enterprise, tracking down and pursuing threats in a manner that lets you better understand and characterize their level of threat. In this course you will walk through numerous criminal groups and their various skill levels, capabilities, motivations, and resources. You will walk away with additional knowledge not only of criminal groups, but also of their capabilities, crimeware families, and criminal tools, and of how to trace a threat back to determine its level of capability. This course will also cover some tools and tactics any security professional or intelligence analyst can use to engage specific threats that are targeted in nature. These skills come straight from the team who co-authored the content in the upcoming book "Tradecraft: Countering Cyber Espionage and Advanced Cyber Threats" published by McGraw-Hill Professional Press.

Day One
  • Introduction & State of the APT
  • History of Deception
    • Deception and its Role in Information Operations
    • Ancient Use of Deception
    • 20th Century Military Use of Deception
    • Future use and implications
    • Deception as a Counterintelligence tool
  • Cyber Counterintelligence
    • The tradecraft
    • Applications & Goals
    • Applying to Cyber
  • History of Criminal Profiling
    • Mission and objectives of profiling
    • A brief history of traditional profiling
    • Differences and similarities of traditional criminal profiling versus cyber profiling
    • The effect of technology on the psychology, social psychology and behavior of perpetrators
    • Several Case Study Examples of Cyber Criminals
      • Case Overviews
      • Personality Insights
      • Identified Motivations
  • Legal & Ethical Aspects on Deception
    • Legal Background on “when-to” and “when-to-not” profile hackers
    • Prosecutable versus Non-Prosecutable
    • Implications of deception and counterintelligence
    • Building a
    • Case study
  • Attack Tradecraft - Hackers use to enter your network
    • Injection Vectors
    • Malware/Rootkits/Botnets
    • Sophisticated Methods of Attack
  • Operational Deception, Misinformation & Disinformation
    • How to implement Cat & Mouse Strategies with Hackers within your network to catch them
      • Why do you need Deception?
      • Perception Shaping & Controlling the information Environment
      • Protection, Protection, Protection
      • How (Techniques) do you do this deception thing with cyber?
        • Feints
        • Demonstrations
        • Ruses
        • Displays
      • Consequences of Failure / Consequences of Success

Day Two
  • Tools, Tactics, and Procedures
    • Tools - Deception Technologies
      • Technologies
      • Where to stage technologies
      • How to analyze the data
    • Tactics - Deception Tradecraft
      • Engaging in Disinformation
      • Perceptual Consistency
      • Content Staging
      • Content Filling
    • Procedures - Best Practices
      • Building your deception network
      • Joint Operations
      • Engaging the threat
      • Pursuing the threat
  • Attack Attribution
    • Attack Analysis
    • Attack Response   
  • Attribution
    • Attribution to foreign actors via Cultural Biases
    • In-depth look at the Motivations of the Blackhat Community
      • MEECES
      • Attacker Analysis
      • Attacker Response
    • The rise of the civilian cyber warrior
    • Future Emerging Threats on the net
      • Social Causes
      • Cultural Causes
  • Understanding Advanced Persistent Threats (APT)
    • The threat
    • Your Adversary
    • What you are protecting – Operations Security
    • What is available to you
  • “When to” and “When not to” act
    • To hack or not to hack-back
    • Attacking the attacker within your network
    • Push the threats from your network
    • Legal Aspect of attacking the attacker
  • Implementation & Validation
    • Planning a Deception Operation
    • Putting this book to use
    • How to evaluate success

Instructor
Sean Bodmer

Dates
October 22 – 23, 2011

Pricing
Register and pay by July 31, 2011: $2299
Register and pay by September 15, 2011: $2699
Register and pay after September 16, 2011: $2899

Class Capacity
25

You will get this:
  1. Lunch and coffee breaks throughout the duration of the training.
  2. Complimentary Pass to Hacker Halted conference (Inclusive of Party entrance pass).
  3. Certificate of Attendance

