DEF CON 31 - Contextualizing The Vulkan Leaks & State Sponsored Offensive Ops - Joe Slowik

Shared on 2023-09-16
In March 2023, journalists and investigators released analysis of “the Vulkan files.” Consisting of documents associated with a Russian company working with intelligence and military authorities, the papers revealed a variety of ambitious programs such as “Scan-V” and “Amezit.” Both programs, in the sense that they offer capabilities to acquire, maintain, and task infrastructure for cyber and information operations at scale, are deeply concerning, indicating a significant advancement in Russian-linked network warfare and related actions.

Placing these items in context reveals a far more troubling picture. After reviewing the capabilities of Amezit and Scan-V, we can see glimpses of historical programs in the advertised efficacy of these projects. We will consider other items that have leaked over the years offering similar capabilities, albeit in different circumstances. Examples include Russia’s SORM framework for domestic operations, China’s Great Firewall and (more significantly) Great Cannon programs, and items that emerged in the Snowden leaks such as the US’s alleged “Quantum” program.

By analyzing these additional projects, we will observe a decades-long trend in the systematization and scaling of cyber programs, especially with respect to automated exploitation and infrastructure management. Vulkan and related items, as significant as they are, represent a culmination of operational evolution and an example of the proliferation of capabilities following disclosure. With programs such as Scan-V exposed, we should anticipate other entities seeking to mirror such capabilities, progressing beyond botnets and other distributed systems to effective management of dispersed capabilities for signals intelligence and cyber operations.

Comments (13)
  • @SadeN_0
    I love how freely he's just dropping all the curse words in his speech with passion, really livens up the piece. Been consuming way too much ad-friendly sanitized YouTube content lately, this sorta stuff is a breath of fresh air
  • @almc8445
    Have a like, have a comment, have a subscribe, this talk was great :)
  • @iRunKids
    nobody knows who leaked this stuff, definitely not my friends over at no such agency!
  • @mrvzhao
    automation and scalability sound like obvious next steps, one doesn't need to be inspired by leaks (or need to be even smart) to figure that out
  • @ex1tium
    It's just a matter of time before these state entities find that letting private sector dip their hand in the cookie jar will soon make those same hands take the jar away and that is just the start. Or maybe I've been reading too much Gibson and the like lately.
  • @rogerioar
    Loved the anti Snowden, anti Trump remarks. Will shut up now so I don't get droned
  • @thesayynn
    I don't understand how Trump is related to this?