Threat Actor Analysis
Session
Wednesday, December 04, 2024 11:15—12:15
Location: Satellit
Wednesday, December 04, 2024 11:15—12:15
Location: Satellit
Experts predict that between 2035 and 2045, we will witness the emergence of powerful quantum computers capable of fundamentally compromising our current public-key systems, which form the bedrock of security for various network and application protocols (such as TLS, IPsec, SSH, EMV, PKI, and code updates). While this might seem like a distant concern given the daily onslaught of cybersecurity threats, it is essential to recognize the urgency for two critical reasons.
- Firstly, sensitive data, including medical and financial information, may retain its significance for several decades. High profile adversaries can collect and store this data today, anticipating future decryption capabilities enabled by quantum computers. This underscores the need to address quantum threats proactively.
- Secondly, the transition to quantum-resistant infrastructure is an intricate and time-consuming process, especially in complex ecosystems comprising tens of billions of devices. It is estimated that this migration will take at least a decade to complete successfully.
Recent developments have underscored the importance of preparing for the post-quantum era. In the summer of 2024, the National Institute of Standards and Technology (NIST, US) has released its first batch of post-quantum standards. The National Security Agency (NSA) has outlined an ambitious timeline for their implementation, with completion ranging from 2029 to 2033 depending on the application. Following initiatives in several Member States, the EU has announce the development of a coordinated implementation roadmap for the transition to post-quantum cryptography
In light of these developments, any lingering scepticism about the necessity of preparing for quantum threats has dissipated. It is now unequivocal that every organization must commence planning for their migration in the coming year.
This session will provide a technical update on the new post-quantum standards and their practical implementation while addressing the challenges inherent in the migration process.
In this presentation, we explore the evolving landscape of cybersecurity threats, focusing on Distributed Denial of Service (DDoS) attacks and ransomware. The session provides a comprehensive analysis of attack vectors, highlighting key trends such as the increasing sophistication of ransomware operations—employing professional, hierarchical structures and double extortion techniques—and the rise of DDoS-as-a-Service, enabling widespread exploitation of vulnerabilities.
Real-world case studies demonstrate the global scale of these attacks, their financial implications, and strategies for mitigating risks.
Attendees will gain insights into adversarial tactics, the economics of cybercrime, and the critical role of robust defense mechanisms to safeguard sensitive data and ensure business continuity in an era of escalating digital threats.
In this session, we will explore the universe of threat intelligence, its various types, components and the threat intelligence lifecycle. Attendees will gain insights into the classification of threat vectors and motivations of threat actors, embellished with real-world examples.
We will discuss common challenges when building a Threat Intelligence program. Tools and techniques for effectively implementing and using threat intelligence will be explained.
Finally, we will have a view future trends in threat intelligence, preparing organizations for emerging threats and the evolving cyber threat landscape.
