2024-12-14 –, Clappy Monkey Track
After introducing the Bsides audience to the Fligistan Intelligence Bureau at Bsides Cymru 2024, we wanted to expand that for the London audience by diving deep into the world of Cyber HUMINT. This talk will delve into how Fligistan deploys tactics, technologies, people and processes, and then pivot to how we can use that knowledge, as cyber practitioners, to gain insight for our own defenses and offensive security.
At Bsides Cymru we introduced the audience to what modern intelligence apparatus looks like using the fictional country of Fligistan. This talk builds upon that and focuses on Cyber HUMINT, the fusion of traditional human intelligence (HUMINT) with cyber operations. It is a powerful tool for both attackers and defenders. In this talk we explore how CyberHUMINT exploits human vulnerabilities, leverages social engineering, and manipulates insider threats, leading to significant risks such as data breaches or disclosure of corporate secrets. We’ll examine real world examples where adversaries use remote working job opportunities for infiltration, platforms like LinkedIn for agent recruitment, using avatars for covert dark web operations, and psychological manipulation through bot farms and psyops to influence and deceive organisational and military targets.
We will also delve into how behavioral analysis and patterns of life in computer networks and subcultures can help to identify malicious actors early. Attendees will gain actionable insights on how to recognise and mitigate insider threats, as well as the critical role CyberHUMINT plays in understanding patterns of life and digital behaviour. Whether you’re part of the Fligistan red team, social engineering corps, or an intelligence analyst, this session will equip you with the tools to protect your organisation from advanced human and cyber-based threats.
Tony has over 15 years of security experience, he has worked both as an internal blue team consultant within the finance industry and for the technology partner for the world leading Oyster card system and more latterly as an external security tester and auditor. He specialises in intelligence gathering, delivering intelligence and reconnaissance investigations. In addition, he is adept at socially engineered initial access. Including, cyber social engineering, such as phishing, smishing and vishing, or physical social engineering into organisations to install network implants and steal information. Alongside this Tony speaks the world over at technology events highlighting key risks with the internet of things, automotive and maritime, alongside delivering engaging and enthralling security awareness presentations. Drawing on his experience breaking into companies, Tony is able to illustrate and demonstrate critical issues in a way that audiences of all levels can understand.