Investigating and defending against Malware Operations

Presentation on targeted attacks with some examples based on the last Citizen Lab reports

For beginners

Format

40 minutes of presentation, and then questions, feedback...

Materials

  • Brain

Introduction

Targeted attacks are bad. I mean, technology was supposed to bring health, peace and happiness for everyone, and now we have people working hard in NGOs who are monitored in everything they do by foreign governments. What happened to our dreams?

Planning

  1. Introduction

    I will say high-level generalities about targeted attacks because it is always cool to start with very generic stuff. In my case, I will give an overview of how bad the situation is for some Tibetan NGOs.

  2. Example 1: KeyBoy malware family

    Examples from a report published in November. We won't go into too much technical detail, but I may say the words "assembly", "passive DNS" or "exploit". Bring your jargon ball and feel free to throw it as often as needed!

  3. Example 2

    Another more recent example with some weird emails in it.

  4. Conclusion

    A short conclusion because one is needed. That's the part where I try (successfully or not) to explain the difficulty of this research.

  5. Discussion and Feedback

    My work: answering your questions and learning from them

    Your work: bring all your ideas about how to do better work and how to improve this presentation (which will be updated for IFF thanks to your feedback).

Glossary

Targeted Attacks

An attack using malware or phishing emails, carried out by an organized group (here we will only consider attacks against civil society groups).

Follow-up Resources & Materials

Credits & Attribution

Kudos to the fellow fam, love you folks <3