Student Breakfast - MN IT Services w/ Chris Buse
- $400M budget for MNIT
- 0% unemployment rate
- MNIT wants to train/develop IT skills. Everyones wants skilled people but no one wants to train
- Lots of operational jobs
- Looking for interns with lots of general skills
- Flexible hours/locations
Q/A with Chris
- “Are certifications worth it?”
- “Focus on certs, even though I don’t think they’re very useful. They’re mostly just to get passed HR. I’m more interested in people who do IT in their free time.
- “Do you do malware/AV development at MNIT?”
- “No, we don’t develop those. We’re just now starting to reverse engineer samples. We use MCAP(?).
- “Do you do phishing training?”
- “Yes, we send out about 8,500 emails per round. We usually get about a 10% success rate.
Welcome and Opening Remarks
- Collaboration is the key to spreading threat awareness.
- Matt Loeb - “Performance-based assessments are usually bad”
The Dark Web
- Pretty good demo. Mostly focused on scareing people about guns, drugs, carding.
- (Falsely) claimed that the Vegas shooter shopped in a shop like this
- Pointed out obviously fake/spam sites: rent-a-hacker, small drug sites, crazy expensive small gun sites
- Said people can only define what you’re doing wrong, but people can’t define what security is
Cyber Byte with Hala Furst from DHS
- Damages from attacks are increasing
- Security has to be the top priority
- Test response plan regularly
- Don’t have to be the strongest, just not the weakest
- ISAC/ISAO - Share intel
- “I’m old…I don’t tweet” Thunderous applause
- Email still very widely used
- Phishing - similar looking domains
- Still effective
- Have to train employees
Compliance - Lifeline
- Was mostly just the CTO complainging about how difficult FEDRamp compliance is to get
- CME - Similar to EMP?
- Complicance: Point in time
- CMP - Continuous
Breaches - Evan Wolff
- Average breach discovery time - 300+ days
- Have a plan for breach investigation. Be ready when you notify for the torrent of traffic
- Super dope talk about Exploit Kits, how spam spreads, how to identify sources
- Great slides with full-screen informational GIFs
Spies in your wires
- We’re (as a whole) getting better at detecting hacks
- Detection Evasion
- Hot Patching
- Run-once malware
- Time-based exfiltration
- AMT SOL for OOB comms
Common Attack Vectors
- Lots of examples from pentests
- Basically stories from the road
- Tool: Hacker Arsenal
- Mobile workers are on the rise
- Don’t make use cases for new tech. Find new tech to satisfy your existing use case.
- Infrastructure is critical