NDSS

Tuesday, Feb 23 2021
7: 10 – 8:10 AM PST
(NDSS 2021 Main Program)

Wednesday, Feb 24 2021
8: 10 – 9:10 AM SGT
(NDSS 2021 Asia-Pacific Replay Program)

Active for at least 10 months prior to discovery, compromising up to 18,000 computers during that time, including Government, security vendor and technology companies, the Solarwinds attack brought supply chain compromises to mainstream attention. Such attacks are not new however, with several notable attacks in recent years, and numerous similar attacks having been performed against South Korea over the last 10 years.

During this talk I’ll cover some of this supply chain attack history, as well as go into detail on the Solarwinds attack, including the timeline, what tools were deployed, and how they were used.

Keynote Speaker: Gavin O’Gorman

Currently managing the Attack Investigations Team (AIT), Gavin has been a reverse engineer, incident response manager and intelligence analyst during his 11 year career in Symantec. Gavin’s primary role is to gather together information from both Symantec data sources, and open sources, to build a comprehensive picture of an attack, or attackers. Another aspect of the job is to work with law enforcement to assist in the investigation of e-crime where possible. Prior to working in Symantec, Gavin spent several years researching network security in Dublin City University, and lectured part-time for the DCU Masters in Security & Forensics course.