10-11, 13:00–13:20 (America/New_York), Track 1 (206b)
Language: English
An exploration of techniques, tactics and psychological models used in the infiltration of emerging threat actor groups.
Our personas are fabrications and constructions of our inner self that we project outwards. We do this through various means and influences such as race, gender, sex, ability, age, culture, religion, norms, class, and status. For the “real world” aka “irl” we do all this by expression in our clothing, makeup, hairstyling, our hobbies, our network of friends, colleagues, and acquaintances. We leverage all of these facets and we create masks, personas, that we think will best interact with the world around us. The same concepts apply when creating personas for infiltrating online communities.
What makes a good persona and what makes a bad persona?
Persona’s can vary wildly in quality, many factors contribute to the quality of a persona, for example how tailor is it to the mission, how good is the operational security of the account, how good are you at managing it and leveraging it to establish yourself in a community.
Understanding what you can construct and where limitations lie.
If you know nothing about the community you are trying to infiltrate you will have a hard time establishing a foothold even more so any significant persistence in the community.
Tools, OpSec, and timezone shifting.
We will go over some tools that will help you create, build, and maintain quality personas on the dark web.
What is your Mission?
Know your target: Recon, Probing, and Connecting
Executing your mission
Exfiltration / Means of Exiting
Introduction (5m)
What CTI is and what DarkWeb CTI is?
Jungian concept of what is persona / social mask
Tie in persona concept with infiltration
What’s your mission? (5m)
Give examples (becoming a Ransomware affiliate)
Emerging Threats vs Established Threats
Execution
Good and bad personas (5m)
Structuring text
Aging accounts
…
Know your limits (5m)
I.e.: non-native and even with Google translate its not enough
Knowing the culture
Tools and OpSec …
Take-aways / Conclude
Tammy is a Senior Threat Intelligence Researcher and Certified Dark Web Investigator at Flare. She currently is an admin and volunteer researcher for the open source project RansomLook and a contributor to the DeepDarkCTI project. When she is not working on infiltrating dark web communities she is listening to techno and ambient and sipping a delicious matcha latte. Her other hobbies include street, nature and architectural photography and hosting brunches with friends and family.