Malware awareness and training: how to make an attacker's job harder by leveraging their malware.
Synopsis
Cyber-attacks are becoming part and parcel of the digital world we live in. We frequently hear about the latest attacks on the news, with an almost constant barrage of infections and compromises.
Seemingly innocuous emails, attachments and files can almost instantly open the door to attackers, as can improperly configured infrastructure, which exposes an increased attack surface for a would-be attacker to deposit malware. Whilst attacks are frequently covered, a less well-covered aspect is how we can train individuals and organisations against malware attacks.
Typically, during malware analysis, indicators of compromise (IOCs) are harvested and fed into SIEMs and antimalware systems to detect the malware in future. However, this does little to address what is often the root cause: us humans.
Whilst awareness training currently exists, it doesn’t always accurately reflect how attacks occur in the real world and what those attacks look like. Emergent types of training allow technical staff and some power users to safely simulate attacks, with the intention of providing a more realistic learning environment than previously possible. In this form, malware, or pseudo-malware, can represent a treasure trove of information for training.
By understanding the steps typically taken by attackers and interacting with an artificial attacker or program, technical staff members can recognise key signs of malware infections and integrate this into user training. Inserting such details into training materials can help to give users greater protection from attacks, ensuring the training materials remain aligned to how attacks occur in the real world. Such training is beneficial to technical staff and individuals in cyber, who can help to raise the alarm about anomalous activity.
This talk will walk through what real attacks and training look like, as well as how emergent simulated attack training can supplement existing training and help to support us all in making an attacker's job harder.
About the speaker
Alex Cameron
I have always been interested in cyber and started through a Saturday job at a local computer repair store, which gave me a real insight into all aspects of computers, from repairs to malware removal and data recovery.
This ultimately led me to work within the cyber security industry at aerospace engineering and consultancy firms, in which I work to design and develop bespoke security solutions. I have always had a keen interest in learning and furthering my knowledge.
I work in industry as a cyber architect and study part-time for a PhD at the University of Gloucestershire. My areas of specialism involve SIEM engineering, secure code analysis, malware defence and security architecture.
This event is brought to you by: BCS Cheltenham and Gloucester branch