EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident Deep Dive
Cloud Security Podcast by Google · Anton A Chuvakin
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Guest:
-
Sandra Joyce, VP at Mandiant Intelligence
Topics:
-
Could you give us a brief overview of what this power disruption incident was about?
-
This incident involved both Living Off the Land and attacks on operational technology (OT). Could you explain to our audience what these mean and what the attacker did here?
-
We also saw a wiper used to hide forensics, is that common these days?
-
Did the attacker risk tipping their hand about upcoming physical attacks? If we'd seen this intrusion earlier, might we have understood the attacker's next moves?
-
How did your team establish robust attribution in this case, and how they do it in general? How sure are we, really?
-
Could you share how this came about and maybe some of the highlights in our relationship helping defend that country?
Resources: