Tracing the advanced persistent threat: Interview with Joe Stewart

While McAfee's recently released "Shady RAT" report concentrated on the victims of a mass cyberespionage ring, another researcher has decided to focus his attention on the adversaries behind such attacks. In a video recorded last week at the Black Hat conference in Las Vegas, Joe Stewart of Dell SecureWorks explains how he was able to trace 60 families of custom malware thanks to error messages yielded by a "connection bouncer" tool. The hackers used the tool to hide their tracks, but it inadvertently pointed back to about a dozen command-and-control centers hosted by ISPs in China. Two of the malware families are known to have been used in the RSA SecurID breach. "It gives you a better line on attribution," Stewart told SCMagazineUS.com.