Tracing the advanced persistent threat: Interview with Joe Stewart

While McAfee's recently released "Shady RAT" report concentrated on the victims of a mass cyberespionage ring, another researcher has decided to focus his attention on the adversaries behind such attacks. In a video recorded last week at the Black Hat conference in Las Vegas, Joe Stewart of Dell SecureWorks explains how he was able to trace 60 families of custom malware thanks to error messages yielded by a "connection bouncer" tool. The hackers used the tool to hide their tracks, but it inadvertently pointed back to about a dozen command-and-control centers hosted by ISPs in China. Two of the malware families are known to have been used in the RSA SecurID breach. "It gives you a better line on attribution," Stewart told SCMagazineUS.com.