The Best Defense is Information
Jeremy Rasmussen - Sypris Electronics
Mar 04, 2009
Abstract
In the course of doing security vulnerability testing for government and commercial clients over the past 10 years, our Information Security Solutions team at Sypris Electronics has seen a lot of interesting things—perhaps none more so than a recent attack witnessed on a client’s network targeted by a buffer overflow on a popular application. The attack launched a trojan horse, which then dropped in another piece of malware that stealthily connected out to several sites to receive command and control. We will go down the rabbit hole with the attack (as much as I can publicly divulge), talk about our approach to the forensic investigation, and how the client was advised to implement countermeasures to provide an overall framework of security against future attacks.
It is possible people may have known about this particular exploit for more than six months before it was publicly disclosed, and the vendor still has not published a patch for it. Therefore, in this talk, we will also explore the concept of responsible disclosure, information sharing (minus attribution), and how all of this possibly fits into the Presidential Comprehensive National Cybersecurity Initiative (CNCI).
About the Speaker
Jeremy Rasmussen is manager of the Information Security Solutions (ISS) group at Sypris Electronics, LLC in Tampa, Florida. Sypris is an industry leader with more than 40 years of success in complex electronics manufacturing and engineering products and services for defense and aerospace. Mr. Rasmussen earned a B.S. in Computer Science (1991) and M.S. in Engineering Management (1994) from the University of South Florida (USF). He had experience as a software and systems engineer at Honeywell, Raytheon, and Sypris Electronics before founding the ISS group in 1999. The ISS group specializes in system vulnerability assessments, penetration testing, policy and procedure development, and security training. The ISS group has performed assessments on more than 200 different systems ranging from a small, tactical unit in the back of a Humvee to a 350,000-user WAN spanning 54 states and territories. The team continues to grow in areas targeting penetration testing, automated compliance scanning tools, and products/technologies related to the Presidential Comprehensive National Cybersecurity Initiative (CNCI).
Mr. Rasmussen is an adjunct professor in the Department of Computer Science and Engineering and Department of Information Technology at USF, teaching courses in cryptography and network security, digital forensics, and ethical hacking. He also serves as chairman of the CS&E External Advisory Board. He founded the Whitehatters Computer Security Club at USF, and the team has done very well in organized Capture the Flag events, even reaching the 2007 finals of the Defcon CtF—considered the world championship of hacking.
In his spare time, Mr. Rasmussen enjoys family activities, soccer, taekwondo, teaching Sunday School, traveling, and writing. He has written several articles on “Password Security”, including those for the Encyclopedia of the Internet and the Handbook of Information Security. Mr. Rasmussen was also a Jeopardy! champion in 2007.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos is the property of Purdue University, the presenter and/or the presenter’s organization, and is protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website are the exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.