August 10, 2011

Tracing the advanced persistent threat: Interview with Joe Stewart

While McAfee's recently released "Shady RAT" report concentrated on the victims of a mass cyberespionage ring, another researcher has decided to focus his attention on the adversaries behind such attacks. In a video recorded last week at  the Black Hat conference in Las Vegas, Joe Stewart of Dell SecureWorks explains how he was able to trace 60 families of custom malware thanks to error messages yielded by a "connection bouncer" tool used by the hackers to hide their tracks, but which inadvertently pointed back to about a dozen command-and-control centers hosted by ISPs in China. Two of the malware families are known to have been used in the RSA SecurID breach. "It gives you a better line on attribution," Stewart told SCMagazineUS.com.
Related Articles
Related Topics

More in Videos

Video: Simplifying security

Simon Hunt, CTO of endpoint security at McAfee, discusses the challenges that security professionals face today when it comes to the many security solutions they have in place.

Video: The effectiveness of two-factor authentication

In this video, Alex Doll, CEO at OneID, discusses the effectiveness of two-factor authentication in the enterprise.

Video: The continued rise of DDoS

In this video, Ashley Stephenson, CEO at Corero Network Security, discusses the development of DDoS attacks, as well as how security professionals can grapple with the challenges the threat poses.