In research released in 2019, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers, carried out by a threat actor using tools and techniques commonly associated with Chinese-affiliated threat actors such as APT10. This multi-wave attack focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network.
MITRE ATT&CK was an important component in our investigation, used to assist in detection, scope, attribution, and communication of the attack. Further, the use of MITRE ATT&CK has allowed other organizations to more easily apply this intel to their security operations, to avoid being affected by this threat.
Join Israel Barak, CISO at Cybereason, and Katie Nickels, ATT&CK Threat Intelligence Lead at MITRE, to learn how to operationalize MITRE ATT&CK threat intelligence to defend your organization.
Katie Nickels is the ATT&CK Threat Intelligence Lead at The MITRE Corporation, where she focuses on sharing how ATT&CK is useful for moving toward a threat-informed defense. She is also a SANS instructor for FOR578: Cyber Threat Intelligence. Katie has worked in network defense, incident response, and cyber threat intelligence for nearly a decade. She hails from a liberal arts background with degrees from Smith College and Georgetown University, embracing the power of applying liberal arts prowess to cybersecurity. With more than a dozen publications to her name, Katie has shared her expertise with presentations at Black Hat, the FIRST CTI Symposium, multiple SANS Summits, Sp4rkcon, and many other events. She was the 2018 recipient of the President's Award from the Women's Society of Cyberjutsu and serves as the Program Manager for the Cyberjutsu Girls Academy, which seeks to inspire young women to learn more about STEM.
Israel Barak, CISO, is a cyber defense and warfare expert whose extensive background was established at the Israeli Defense Forces and the Government of Israel. As Cybereason’s CISO, Israel is at the forefront of the company’s security innovation, as well as research and analysis of current and evolving advanced threats. Israel founded and headed the Israeli Defense Forces red team unit, and established and operated various cyber warfare teams. As part of his various roles, Israel developed cyber warfare infrastructure and proprietary technologies, including leading development of proprietary cryptographic solutions, research and analysis of security vulnerabilities, and information security products and technologies, and managed enterprise-wide, large-scale development and implementation projects of cyber technologies. Israel spent years training, guiding and professionally mentoring new personnel, providing in-depth cyber expertise as it relates to cyber warfare, cyber security, and threat actors’ tactics and procedures. Israel is a regular speaker at leading cyber security industry conferences and events.