Endless Gunfire in South Korea

Explore an in-depth analysis of a sophisticated APT attack targeting South Korea's cyber landscape. Delve into the threat actor's tactics, techniques, and procedures (TTPs) throughout the attack lifecycle. Examine the custom exploits and general vulnerabilities leveraged to compromise potential victims. Gain insights into the South Korean threat landscape, with a focus on the breach of the Ministry of National Defense (MND). Follow the attack timeline and investigate the arsenal of tools used by the attackers. Analyze the attribution of malware and uncover connections to both past and emerging operations. This 21-minute presentation, delivered at #TheSAS2017, offers a comprehensive look at the unique cybersecurity challenges faced in the South Korean region.

Intro
SOUTH KOREA THREAT LANDSCAPE
OVERVIEW OF KOREA MND BREACHED
TIMELINE OF ATTACK
ARSENAL OF MND BREACHED
ATTRIBUTION OF MALWARE
CONNECTION WITH OLD OPERATION
CONNECTION WITH EMERGING OPERATION