How to Fight an APT attack - Identifying and Responding to a visit from China presented at ISSAinternationalcon 2014

by John Henderson, Ron Pelletier, Jeff Foresman

Summary: This presentation is an actual case study of an advanced attack that originated from China and breached
a client’s network. We will do a step-by-step review of how the original malware was discovered, the
different types of malware used, how we identified the extent of the breach, how the remediation was
planned and how the malware was removed. We will discuss what went right and the mistakes that were
made during the process. We will also discuss the open source and commercial tools used during the
detection and remediation process.