Active Defense: Why Duck when you can Hit back?

February 15, 2018 - click to add to calendar

CPE Credits: up to 2.0 hours of CPE is available

Presented by: John Wilson

Active Defense: Why Duck when you can Hit back?

Tempting as it may be to "hack back", current US law makes it illegal to do so. Hacking back is illegal, and sitting back is frustrating and ineffective. Fortunately, there's a middle ground: Active Defense.

Learning Points: In this presentation I will present the results of numerous Active Defense operations that have resulted in

Seizure of bank accounts used to launder money,

Takedown of various online accounts used to lure victims and money mules,

(Legal!) Exfiltration of the scammer's mailbox.

I will also present some of the findings from the exfiltrated mailboxes, such as the different types of scams the BEC actors are involved with, which Crypter services are used by the BEC scammers, and which services the scammers use to find their victims.

About the Speaker:
John Wilson has been combating email-based fraud since 2006, when he developed an authentication-based anti-phishing solution as CTO of Brandmail Solutions. John continues his mission to rid the world of email fraud at Agari, a venture-backed startup that helped to develop the DMARC standard. Leveraging DMARC and private-channel email data, John assisted Microsoft and the FS-ISAC with the B54 Citadel botnet takedown by providing data related to Citadel botnet infections and by acting as a declarant in the civil forfeiture action filed in US District Court. In his current role as Field CTO of Agari, John researches various email scams and conducts experiments in "Active Defense". In the course of these experiments, John has identified and reported more than 120 bank accounts used by fraudsters to launder money, and has referred several cases to law enforcement for further investigation. John holds a B.S. in Computer Science and Engineering from MIT.

Who should attend
IT Leaders (CIOs/CTOs/CSOs/CISOs), IT practitioners (Directors and Managers), IT Audit and Security professionals, Internal and External Auditors.

Field of Study
Auditing & Governance

Instructional delivery method
Group Live

Agenda	11:00 a.m. - 12:00 p.m. Registration, Lunch & Networking 12:00 p.m. - 12:10 p.m. Chapter Announcements 12:10 p.m. - 1:50 p.m. Presentation 1:50 p.m. - 2:00 p.m. Wrap up and Door prizes
Fees	ISACA Denver Chapter Members:   $15 Non-Members:   $25 There is a $5.00 discount for credit card payments. Walk-in non-members must pay by cash/check and will be charged an additional $10.00 fee above the normal non-member fee. Walk-ins may be turned away if space is not available.
Location	Regis University Claver Hall Mountain View room 3333 Regis Blvd Denver, CO 80221 » See Map Parking Lot Map Parking Lot Rates

Registration

Registration for this event is closed.