Also a very good point by Robert in regards to predicting threat actors' targeting. It's a waste of time to debate whether you are likely to be targeted or not. Focus on deploying robust security controls and always be prepared for the unexpected.
Very interesting that Dragos does not do attribution unless it affects the incident response process. It seems like an efficient way to approach things given that the priority should be to formulate how to properly defend the systems at hand.
Haha love the final part message to the adversaries
Great mapping of Pipedream along Purdue and MITRE, thx Mr. Lee!🙌
Also a very good point by Robert in regards to predicting threat actors' targeting. It's a waste of time to debate whether you are likely to be targeted or not. Focus on deploying robust security controls and always be prepared for the unexpected.
Schrodinger ICS, haha. Good point to invest more in detection and response as opposed to concentrating all resources on prevention.
Lateral movement monitoring. Not just what comes in and goes out.
These threat actors are really organized. I didn't know there were separate groups that specialized in access or the activity in itself.
Very interesting that Dragos does not do attribution unless it affects the incident response process. It seems like an efficient way to approach things given that the priority should be to formulate how to properly defend the systems at hand.
Great talk, Rob!
Great Talk
Great talk
Are you certain the adversaries' tradecraft error wasn't intentional as a warning signal from the adversary nation state to the USA?