Skip to content
CyberThreat 2019

CyberThreat 2019

Event date 25 November 2019 11:30 – 26 November 2019 12:00

Location Riverbank Park Plaza, London

The talk will take a retrospective look at the techniques, tactics and procedures along with what's, why's and how's of a DNS espionage campaign from 2018 and 2019.

This analysis will include a summary the work we did within NCSC to understand the global underpinnings of DNS from registries, registrars, name server operators to anycast providers in order to ascertain its attack surface.

We will then then go on to discuss the design, implementation and effectiveness of the framework we built in response to detect indicators of interest from both DNS directly and other sources. The techniques developed can be used to aid in the detection of hijacking, as seen in the DNS espionage campaigns, as well as various other actors and techniques.

We will show the data sources, how we ingest, enrich and consume. We will also provide a qualitative analysis of its efficacy.

Finally, we'll share a few other analyst techniques we've identified along the way for investigating bad actor use of DNS.

Speakers:

Thomas G - Head of Industry Analysis, NCSC Operations London

Ollie Whitehouse - Global CTO, NCC Group (and also part of Industry 100 within NCSC Operations London)

More information here: https://content.sans.org/sites/default/files/2019-08/CT_Agenda_v4.pdf

Subjects

Tags

Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400
Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 (0)23 562 8208

Related content

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom