Upload File

analogic opsec 101

15
OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab

Upload: vicentediazkl

Post on 15-Jul-2015

3.882 views

Category:

Education


3 download

Report

TRANSCRIPT

Page 1: Analogic Opsec 101

OPSEC KRAV MAGA

Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab

Page 2: Analogic Opsec 101

OPSEC AGAIN! WHY?

2

•  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules”

Security Analyst Summit 2015

Page 3: Analogic Opsec 101

ADVERSARIES

3

•  Adversary != Enemy

Resources vs No Resources

Agencies The rest *.Mil Big Bad Boys

Security Analyst Summit 2015

ProTip: Don´t let your PR feed

these guys for free

Page 4: Analogic Opsec 101

MASS SURVEILLANCE

4

•  Good ROI for Agencies! •  They don´t like encryption

•  PGP, ZRTP, OTR, TrueCrypt

Security Analyst Summit 2015

Page 5: Analogic Opsec 101

MASS SURVEILLANCE

5

•  Some inherent problems •  And some non-technical problems

Security Analyst Summit 2015

Page 6: Analogic Opsec 101

RECRUITMENT

6

Security Analyst Summit 2015

•  Neglected approach ? •  Approaches and interaction. •  Move to termination.

Page 7: Analogic Opsec 101

TERMINATION

7

Security Analyst Summit 2015

•  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.

Page 8: Analogic Opsec 101

SUSPICIOUS MEETINGS

8

•  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready.

•  The trap might NOT be the meeting!

Security Analyst Summit 2015

Page 9: Analogic Opsec 101

UNPLEASANT COMPANY

9

•  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach.

•  Better: inform your people

Security Analyst Summit 2015

Page 10: Analogic Opsec 101

BORDERS

10

•  If you consent a search, no warrant needed.

•  Police can search your computer at the border without a warrant.

•  Warrant limitations are ignored if they see something illegal while searching.

•  You don´t have to help or answer questions.

•  You cannot interfere or lie to an officer.

Security Analyst Summit 2015

Page 11: Analogic Opsec 101

BORDERS – OUR ADVICE

11

•  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you.

Security Analyst Summit 2015

Page 12: Analogic Opsec 101

EXTENDING OPSEC

12

Your company should provide you:

•  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are

going to.

Security Analyst Summit 2015

Page 13: Analogic Opsec 101

13 Security Analyst Summit 2015

Do your homework.

Page 14: Analogic Opsec 101

CONCLUSION

14

•  STFU.

•  Discipline over tools.

•  Preparation and alternatives.

•  Don´t forget your role.

Security Analyst Summit 2015

Page 15: Analogic Opsec 101

THANK YOU Dani Creus Vicente Díaz @them0ux @trompi


Analogic Circuits

Analogic electronics. Notes in Greek

OPSEC Vulnerabilities And Indicators

OPERATIONS SECURITY (OPSEC)

OPSEC for OMBUDSMEN

OPSEC awareness data aggregation

Analogic Supply Chain Quality Manual2gxj9i15530c1434fe5wog0d-wpengine.netdna-ssl.com/wp-content/uploads/... · Corporation and its affiliates (Collectively, “Analogic”). This

Analogic Kinship - Wagner

OPSEC 7 APR

Holiday OPSEC

OPSEC Countermeasures Michael Chesbro DES OPSEC Officer OPSEC Countermeasures Michael Chesbro DES OPSEC Officer

Dev opsec killing-the_buzz

OPSEC for Kids

OPSEC for Families

CyBEr OPSEC - DoDEA

Opsec for hackers

UNCLASSIFIED OPSEC and Social Networking Naval OPSEC Support Team (NOST) Navy Information Operations Command (NIOC) (757) 417-7100 DSN 537 [email protected]

Using Operational Security (OpSec) to Support a Cyber ... OpSec...Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments Version 1.0

OPERATIONS SECURITY (OPSEC) GUIDE

Convertor Analogic-digital

Analogic Link08 Presentation

OPSEC snapshot

OPSEC Family Style

Social Networking & OPSEC

OPSEC Briefing - Civil Air Patrol · 2018-08-23 · OPSEC is what you make of it. • The way ahead • Annual OPSEC training requirements in compliance with AFI 10 -701 • OPSEC

OPSEC Countermeasures Michael Chesbro DES OPSEC Officer

Geotags and opsec

Dairy - Analogic

OPSEC- How to Install

Check Point™ UAA for OPSEC Developers - pudn.comread.pudn.com/downloads142/doc/614417/UAA_OPSECDEV.pdf · The OPSEC UserAuthority API and the OPSEC API provide functions for querying,

Eidws 111 opsec

UNCLASSIFIED OPSEC AND THE HOLIDAY SEASON. UNCLASSIFIED O VERVIEW What does OPSEC have to do with the holidays? OPSEC and Shopping Presents! OPSEC at

Opsec for security researchers

Interaction of analogic and digital workflows for architectural …pdf.blucher.com.br.s3-sa-east-1.amazonaws.com/designproceedings/... · Interaction of analogic and digital workflows

OPERATIONS SECURITY (OPSEC) PROGRAM