USENIX Enigma 2016 - NSA TAO Chief on Disrupting Nation State Hackers

Whoever convinced the head of TAO at Ft. Meade to give a conference presentation on thwarting nation-state attacks is the person I want handling booking if I ever hold a conference on anything. Damn. One very slight ding: from a news report re. this talk (that actually led me to look for this clip in the first place) it appears that there was a bit of Q & A after the end of the presentation that isn't shown here. Still, thanks very much for uploading this, as well as other presentations from the conference.

uniquelycommon

Know Thyself: it is an olympic ideal to either become or sustain competitive greatness. This use of Know Thyself for InfoSec Defense is spot on. The model of three attackers: opportunist, advanced persistent and destructive is excellent also. From this talk alone, a world class InfoSec program could be built.

Arctific

Just finished watching.  A great presentation covering a host of topics everyone responsible for IT security should consider.If you want a technical "how to" manual this is not the presentation for you.  If you're not a techie and especially if you are actually vested with security responsibility and authority beyond clacking on a keyboard, this is a must see for you.

joeskinny

Thanks for posting this talk and content from the conference.

TomBrennan

Am I the only one @11:38 who immediately thought "Reddit?"

callmebigpapa

HAHA at 30:40 he mentions Steam games and this was 2 years before the Steam RCE was found ! Don't give away our secrets accidentally Rob :)

thorodinsun

NSA TAO seems pretty fun and interesting place to work. Their expensive tools probably make it a joke to break into anything. He only talked about how to defend against common attacks though - not zero-days ;P - he said they aren't important.

shinkurt

The process and remediations the guy presents are nothing new, any good pen testing outfit will be doing the same, difference is the NSA have virtually unbounded resources to do it. That said, still an interesting talk, shame about the q & a

tanyaka

www is the life line of the social engineering experiment going on currently. All of it is very hard for some to take day after day

jewelbennett

I understand very little of this but interesting!

Would a good use of AI be in cyber & IT security ?

michaelmulligan

Try hacking a Brick House and an Iron Stove when/If my computer gets hacked throwing it in the fire, because I'm not sure why my cousins wanna Fuck with me, but I'm not playing and extremely on Edge with just about everything in modern Society.

unholykillu

Sounds like a pretty decent program I like to be a part of that unfortunately I'm just puke civilian duct tape and bailing wire don't know much more Love gas and gas ladies and gentlemen thank you so much for the advice exponentiate that to fight the bottom line starting so willingly about my language and my nomenclature however this is the way I feel this is the way it goes in gold

icarustheother

I swear we don't use zero days they're not efficient enough... Um bruh.

larry_ellison

In my small nobody opinion, at this point, anybody that is actually capable of the variety of all this shit, already has immunity committing cyber crimes right under their nose or with this blessings, and if that is completely off, it won't be long before these guys get em on their team with immunity from prosecution, for the simple fact, they just are not cut like that, never been thru anything more than likely, and know very lil about anything outside of a keyboard and screen. If anyone cares to add or subtract to this, I'm all ears, I'm willing to absolutely accept that I'm not entirely correct, respectfully 👈

lower_level_gee-mah-tree-ah_TV

wondering if anyone is rethinking this presentation?

harrjd

Imagine if 'PLA Unit 61398' members gave exact talks exactly like this (no diff), ameriKKKans would loose their marbles

rahulramteke

Safe to say, if these are the "guardians of the internet" or "protectors against cyber criminals" then how fun must it be to send all other departments, people, and nobody apart of their group/gang on wild goose chases 😭 👋 👏 I'll rate the scareware around 4 outta 10, come on guys y'all gotta get this scareware score up "god damit"

lower_level_gee-mah-tree-ah_TV

That screen in the background; fuck epileptics right?

youlikeicecream

Nothing concrete, just generic hmm I mean bullshit.

jagadeeshakanihal

So... how and why should we believe this is not a psyop?

RR