“Catch me if you can”: The cat & mouse game. Presented at BSidesZurich 2016

by Roberto Martinez

Summary: Each day, digital detectives face the challenge of discovering what was designed to be undetectable. The cybercriminals' arsenal and the actors behind targeted attacks keep growing broader and more sophisticated, taking advantage of system vulnerabilities, using “0 day” exploits, or abusing the system's own tools. The attackers' main objective is to stay “invisible”, undetected at least long enough to achieve their goal. The interesting thing here is that almost all the time, they have been successful.
Stuxnet, Flame, Turla, Duqu 2.0 and Carbanak are just a few examples of targeted attacks that have had a significant impact in recent years.
What went wrong? Why did most victims not detect these attacks until it was too late? How can organizations be better prepared to detect these attacks in time?