Paolo Passeri is a Consulting System Engineer for the Cisco Cloud Security Portfolio. Based in London, he is a passionate security enthusiast and evangelist with more than 15 years of experience in the security arena. He currently focuses on cloud security and advanced malware detection and mitigation. When he is not helping Cisco customers protect their assets from advanced threats, Paolo updates his blog hackmageddon.com, a collection of timelines and statistics of the main cyber-attacks, which is considered, across the Infosec community, a primary source of data and trends of the threat landscape.
Twitter: @paulsparrows | LinkedIn: http://uk.linkedin.com/in/paulsparrows
Presentation: Identifying Where the Bad Guys Assemble: Chasing the Infrastructures used by Cyber Criminals
The number of malware samples is constantly increasing (so far, during 2017, more than 640 million strains have been discovered in the wild): a new approach is needed that aims to target and inhibit the internet infrastructures used by malicious actors to launch their attacks. After all, the internet is an open system, meaning that the information to expose those infrastructures is available somewhere. The challenge is that these fragments of data are broken up and spread across the web, so they are not immediately visible.
Starting from the analysis of billions of DNS queries, and correlating this information with other elements of threat intelligence coming from Cisco Talos, it is possible to proactively identify where the bad guys assemble, that is, where the malicious actors stage and prepare their attacks, and block them before their targets are hit.