Principal Software Engineer at Microsoft
Ned has over 15 years of experience in the security community. In his role at Microsoft on the MSTIC Adversary Research Team, he is responsible for identifying and disrupting state sponsored actors originating from the Middle East and coordinating the dissemination of all of MSTIC’s intelligence to Microsoft Incident Response team. Previous to Microsoft, Ned worked as research fellow at the Citizen Lab, as a staff member at the Shadowserver Foundation, and as an adjunct professor at Georgetown University.
Keynote- The Evolving Trends in Iranian Computer Network Operations
In his keynote, Ned will discuss about how Iranian cyber operators continue to evolve their tradecraft and embrace ‘asymmetry’ to achieve their objectives. Beginning in 2012 with Shamoon and continuing through 2022 with Zerocleare, Iranian cyber operators have developed a reputation for aggressively employing destructive tools and tactics to compel or deter their adversaries.
However, a closer analysis of the data suggests that although the threat of destructive attacks remain, Iranian operators have continued to evolve and are now less reliant on ‘big bang’ attacks.
In this talk, we will highlight recent trends in Iranian computer network operations including:
A decreased reliance on destructive attacks
An increase in the use of information operations to amplify more frequent but less impactful attacks
An increase in the speed of exploit weaponization
An increase in targeting of ‘cloud’ resources
We will close with some lessons learned with clustering and attributing Iranian computer network operations.