NOC Team Stops Malware from Disrupting Black Hat Asia

Posted: April 10, 2019

A malware attack was attempted against the Black Hat Asia conference that took place in Singapore. The event's Network Operations Center (NOC), a team tasked with protecting the conference's network and attendees from malicious attacks, was able to identify the attack in time and respond accordingly, preventing potentially significant damage.

According to Mr. Bart Stump, NOC team lead and solutions architect at Red Sky, the team noticed a serious attack from the internet against Black Hat Asia's registration servers. The goal of the attackers was to drop a malware threat with a range of different functions. Its first task was to start distributing spam, then hijack resources to mine the Monero cryptocurrency. The malware would also move on to attempt credential theft and even employ ransomware. The NOC team was able to quickly deal with the threat and prevent the malware from disrupting the operations of one of the biggest hacker events in the world.

The Black Hat Events NOC team consists of security specialists that come from several different organizations - Palo Alto Networks, RSA, Ruckus, CenturyLink, Gigamon, Cisco and Ekahau. Its members ensure the security, stability, and availability of the event's network. One of the tools they use to monitor the network for signs of attack is a customized dashboard that is capable of pulling together metadata from the participating vendors and displaying it in real time.

Mr. Neil R. Wyler explained that usually the NOC observers do not block any malware they may detect. After all, the Black Hat series of information security events includes numerous training and briefing sessions, and they wouldn't want to disrupt someone's demo. Instead, the NOC team would use a new feature that allows them to send a message to the victim informing them that they may have been compromised.

Attendees wouldn't mess with the core infrastructure of the event or the registration servers, so when either of those is targeted the NOC team steps in and takes action.
