Warren Mercer joined Talos coming from a network security background, having previously worked for other vendors and the financial sector. Focusing on security research and threat intelligence, Warren finds himself in the deep, dark and dirty areas of the Internet and enjoys the thrill of the chase when it comes to tracking down new malware and the bad guys! Warren has spent time in various roles throughout his career, ranging from NOC engineer to leading teams of other passionate security engineers. Warren enjoys keeping up to speed with all the latest security trends, gadgets and gizmos; anything that makes his life easier in work helps!
Cisco TalosWhat is your title? –
State-sponsored actors and APT groups are not necessarily the same. A state-sponsored actor can be defined as an APT that is supported in some way by a state. This does not automatically make all APTs state-sponsored. APT actors that provide hacking-as-a-service are not necessarily a state-sponsored actor because they can’t be tied to a specific state — they will work for whoever pays the most. But this doesn’t mean that they shouldn’t be considered an APT. These lines get even blurrier when an actor has the characteristics and behaviour we observe in Gamaredon and Prometium groups. These groups whose main interest has been espionage, without any indications of being interested in using crimeware techniques to monetize their activity. Which should put them outside the crimeware gang definitions, however their behavior certainly resembles a crimeware gang rather than an APT.
Q&A and discussion for the malware block, hosted and moderated by Marc-Etienne M. Léveillé. Questions will be gathered from the audience during the four prior talks.