Type:
Exhibit Floor Speaking Session
Session ID:
CS05
Title:
Hey Adversary, Your Infrastructure is Showing
Description:
Healthcare and federal organizations are among the most essential agencies to society, putting them in greater danger of increased frequency and severity for cybersecurity threats. The consequences of suffering a malicious attack can be life or death. DNS is critical in combating these threats, whether phishing, ransomware, remote tampering with critical internet-connected devices, or the manipulation of prescriptions in electronic health records (EHRs). Adversary infrastructure intelligence can bolster defenses against discovered attackers. Healthcare providers, federal agencies, and the companies that work with them both have a vested interest in learning all they can about the persons or organizations behind domains or IP addresses observed in successful or attempted cyber breaches. Combating these threats starts with DNS. As one of the fundamental protocols of the Internet, DNS is involved in nearly every traffic flow touching an enterprise environment.
This presentation will equip the audience with some of the latest discoveries in adversarial threats to healthcare and government organizations; detailing discoveries from the DomainTools research team in phishing, malware, and spam as well as regulations and CISA initiatives that impact information security professionals. Audience members will learn techniques using passive DNS and domain registration records that can be used to support investigations and uncover more information about who may be targeting their organization or an organization within their supply chain. Join us by viewing a live demonstration of the DomainTools Iris Investigate platform, using recently active threat infrastructure, to illustrate how DNS can be used to draw connections between malicious domains and predict future moves by adversaries.