inversecos
Lina Lau @inversecos is a Principal Incident Response Consultant at Secureworks, prior to this she was the Australia & New Zealand Threat Hunting and Incident Response lead at Accenture Security. Her primary interests lie in malware analysis and botnets.
Australia
Intervention
Botnets and DDoS, these words are never too far apart. However, DDoS is just the tip of the iceberg for what botnets are actually used for in the cybercrime community. Money talks - and botnets are the supply side of cybercrime that drive multiple different campaigns like phishing, exploit kit delivery, adware and banking trojans.
This talk uncovers the complex structure of cybercrime and how most criminal campaigns are linked to botnets as their supply and delivery mechanism. We will explore the economy of cybercrime and calculate in figures the amount of money renting a botnet or building a botnet can profit cybercriminals. You will learn exactly how and what botnets are used for outside DDOS and you will walk away understanding how phishing/spam emails or banking trojans link back to botnets. Afterall, how can you protect against criminals without understanding them?
Finally, I will present my Crime Economy map which I’ve designed that maps out the hierarchy and the revenue streams derived from hiring botnets to run coordinated campaigns. This aims to assist blue teams have a better understanding about the criminals they’re protecting against.