Social MediaTwitter

Liam Smit



I become interested in information security as an extra-mural activity through attending and participating in the Cape Town InfoSec community. This motivated me to complete the Evil MSc at Rhodes. InfoSec has been my day job since the last BSides Cape Town.

Title: The Nation State Actor Ate My Homework!

Nation State actors as an excuse for breaches are becoming the info-sec equivalent of “the dog ate my homework”. Supposedly unstoppable due to their advanced exploitation techniques using zero days and the enormous resources at their disposal. This talk examines key questions to see if this thinking holds water.

What nation state attack techniques are within reach of less well-resourced attackers? By providing examples of such techniques, the relevance of the research is extended to those not facing nation state attackers.

What can a nation state actor do? What systems do they attack? What separates them from the lone attacker? How do they frustrate attribution? What inherent attributes of the target system do they seek to exploit?

From firewalls and embedded devices to servers and network equipment it is all up for grabs. The benefit of a large staff and budget is that you can do more. Miss-attribution is a great way to deflect blame to others and attacking via already compromised third-party systems accomplishes this but adding evidence to implicate your rivals for reverse engineering to find takes it to another level.

Can they be stopped? Can they be detected? Can they be dissuaded through increased time and cost to exploit? Can their methods be detected, captured and analysed? What do they fear or respect?

By examining what makes attacks possible, it allows for defensive actions to be taken again even the most determined and resourced attacker. And knowing you are being hacked is half the battle.