Sharpen your Skills at SANS San Francisco Winter 2017. Save $200 thru 10/25.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Attack Attribution: It’s Complicated

  • Thursday, April 27th, 2017 at 11:00 AM EDT (15:00:00 UTC)
  • Ross Rustici and Jake Williams
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Cybereason

You can now attend the webcast using your mobile device!

Overview

After every major data breach, the security community engages in a game of whodunit. Its human nature to want some sort of closure and to see the perpetrators brought to justice, but its time to discuss the truth about attributing a source cyber attacks: its not as straightforward as one would think. 

Recent research proves that threat actors use a variety of techniques to create misattribution of the attacks. In our upcoming webinar, Cybereasons Ross Rustici, Sr. Manager Threat Intel, and SANS will discuss examples of attack misattribution and figure out if correct attribution is still possible.

Join us to learn:

  • Why attack attribution is a complex mission
  • The variety of techniques used by nation-state and criminal actors to disguise their involvement
  • An approach to help organizations better harness the power of attribution

Speaker Bios

Ross Rustici

Ross Rustici is Senior Manager of Cybereason Intel Team. He has extensive team management experience with expertise in strategic analysis, qualitative and quantitative analysis, and intrusion analysis who has leveraged 12 years of experience with East Asian geopolitics and cyber security to build from the ground up one of the most capable cyber analytic team for the US Government. Extensively mentored and provided analytic expertise for my team to provide context and actionable assessments (including attribution, motivation, and operational vulnerabilities of our adversaries) to policymakers on some of the most high profile breaches of the last three years.


Jake Williams

Jake Williams is a SANS analyst, certified SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attack on-premises and in the cloud.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.