APT & Criminal Attackers Converge Below the Surface

Presented by

Scott Scheferman - Principal Cyber Strategist, Eclyspium

About this talk

Both criminal and Advanced Persistent Threat actors have been leveraging each other’s techniques, tactics, and procedures (TTP’s) for quite some time. Yet, as we look upon the 2021 threat landscape, there are two alarming trends that are rapidly unfolding, and for which organizations are not yet prepared: 1) the convergence of nation-state and criminal focus on the advantages of targeting firmware, and 2) the impacts and advantages to attackers associated with supply chain campaigns. 2020 saw both the alarming discovery of TrickBoot (criminal ransomware group’s UEFI-targeting module) as well as the SUNBURST and Accellion supply chain campaigns that continue to unfold. Now that those TTP’s have been burned, and those actors need to adapt, what do we need to anticipate and prepare for, ahead of this firmware convergence in the threat landscape? Finally, we’ll lean in to anticipate what comes next, if 2020’s activity has been an indicator of what is to come.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (50)
Subscribers (3190)
Eclypsium is the industry’s leading enterprise firmware protection platform - providing a new layer of security to protect your IT infrastructure from firmware attacks. Eclypsium defends enterprises and government agencies from vulnerabilities and threats hidden within firmware that are invisible to most organizations today.