by Maarten Van Horenbeeck

Hi everyone,

I just finished my talk at 24C3 on targeted attack patterns, dubbed "Crouching Powerpoint, Hidden Trojan". The short agenda of this talk:

Targeted Attacks and Information Operations
Value and distribution of information
Information Operations: Deny, Deceive and Destroy
Cultural differences in IO
Contemporary methodology

A targeted attack incident
Background on the issue space
Overview of attacks
Link analysis between objects of attack

Defence against the dark arts
Technical Controls
Security Intelligence

In essence, I looked into targeted attacks against the Falun Gong community, as they are still taking place today. I list some of the unique features (such as "domain parking") some of these attacks have, and briefly touch on ways to better defend corporate networks. Naturally, there was too little time in one hour to cover it all. Finally, I show a small map that illustrates the complexity of a single attack series over a total of 8 months.

If you were there, thanks for hopping in and I hope you enjoyed it. You can now find the slides available for download here.