Defense Event

Nation-State Attackers and their Effects on Computer Security

Andrew Springall

Tuesday, November 28, 2017
2:00pm - 4:00pm
3725 Beyster Building

Add to Google Calendar

About the Event

Nation-state intelligence agencies have long attempted to operate in secret, but recent revelations have drawn the attention of security researchers as well as the general public to their operations. The scale, aggressiveness, and untargeted nature of many of these now public operations were not only alarming, but also baffling as many were thought impossible or at best infeasible at scale. The security community has since made many efforts to protect end-users by identifying, analyzing, and mitigating these now known operations. While much-needed, the security community's response has largely been reactionary to the oracled existence of vulnerabilities and the disclosure of specific operations. Nation-State Attackers, however, are dynamic, forward-thinking, and surprisingly agile adversaries who do not rest on their laurels and are continually advancing their efforts to obtain information. Without the ability to conceptualize their actions, understand their perspective, or account for their presence, the security community's advances will slowly become antiquated and unable to defend against the progress of Nation-State Attackers. In this work, we present and discuss a high-level model of Nation-State Attackers that we believe can be used to represent their attributes, behavior patterns, and world view. We use this representation of Nation-State Attackers to A) show that real-world threat models do not account for such highly privileged attackers, B) identify and support technical explanations of known but ambiguous operations, and C) identify and analyze vulnerabilities in current systems that are favorable to Nation-State Attackers.‚Äč

Additional Information

Sponsor(s): Alex J. Halderman

Open to: Public