Volt Typhoon: Understanding and Mitigating 'Living off the Land' Attacks
Simon Hill (VP, Certes Networks)
Track: Utilities
Topics: Cybersecurity
Format: Power Session
Vault Recording: TBD
In this session, Certes CTO Simon Hill will evaluate increasingly prevalent TTPs used by threat actors, how AI can further arm adversaries to create havoc, and, most importantly, the steps that can be taken to mitigate the risk of a data breach even when a bad actor is inside your network using legitimate user credentials.
A use case will also be discussed that demonstrates how sensitive applications such as Active Directory can be secured to prevent TTPs such as privilege escalation, lateral movement and credential theft.
Takeaway
· Identify and Combat Advanced Threat Tactics: Attendees will learn how Volt Typhoon and other advanced threat actors use 'Living-off-the-land' techniques to evade traditional security measures, exploiting common IT systems like Active Directory (AD) to carry out attacks undetected.
· Strengthen Security Postures Against Zero-Day Vulnerabilities: Gain insights into how threat actors breach critical infrastructure by targeting vulnerabilities in public-facing network appliances (VPNs, firewalls, routers) and how to proactively defend against these exploits.
· Mitigate Risk of Data Breaches Using Legitimate Credentials: Discover effective strategies and mitigation steps to safeguard critical data and applications, even when an attacker has gained access to your network using legitimate credentials.
· Leverage AI and Emerging Technologies to Fortify Defenses: Learn how adversaries are weaponizing AI to enhance their attacks and what steps you can take to leverage AI in your own defense strategy.
· Use Case: Securing Active Directory Against Privilege Escalation and Credential Theft: Explore a real-world use case showing how Active Directory and other sensitive applications can be protected from common Tactics, Techniques, and Procedures (TTPs), such as Privilege Escalation, Lateral Movement, and Credential Theft.