Behind Enemy Lines: Discovering Initial Phases of Cyber Attacks in Asia
In an era where cyber threats are increasingly sophisticated and pervasive, understanding the early stages of cyber attacks is crucial for effective defense. This practical talk is designed to illuminate the covert operations of threat actors targeting Asia, some of whom are themselves based in Asia. The presentation will delve into the methodologies and tactics employed by cybercriminals and advanced persistent threats (APTs) during the initial phases of their attacks, providing actionable insights and strategies for improving detection and hunting capabilities.
We will explore real case studies of operations we observed in Asia, dissecting the early indicators. Attendees will gain practical insights into the behaviors threat actors commonly use in the very early phases. By examining these stages, we will identify patterns and techniques that can be directly applied for early detection and mitigation.
Jose Luis Sanchez – VirusTotal – Google
Joseliyo Sanchez is a security engineer at VirusTotal – Google and a member of the ENISA Working Group on Cyber Threat Landscapes. He previously worked at McAfee and BlackBerry as a threat researcher. His main objectives are threat hunting that leads to detection engineering, and analysis of APTs and crime groups.