Nation-state hackers pose a formidable threat to critical infrastructure, compromising national security, intellectual property, and public safety. This presentation will delve into the tactics, techniques, and procedures (TTPs) employed by nation-state actors, providing a core understanding essential for developing effective defense strategies. Through an in-depth analysis of three real-world case studies, we will expose the implications of nation-state attacks on laboratory, critical infrastructure, and industrial systems. We will examine how these attacks exploit human vulnerabilities, such as social engineering and insider threats, as well as system weaknesses, including misconfiguration and software vulnerabilities. Drawing from recent breaches in research laboratories and industrial manufacturing facilities, we will identify the root causes of these incidents, including human error, malicious insider actions, and inadequate security controls. This presentation aims to provide attendees with a comprehensive understanding of nation-state attack patterns, enabling them to strengthen their organization’s defenses against these sophisticated threats.

DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
5.4K views

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
11.1K views

DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
8.5K views

DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
3.6K views

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
5.4K views

DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
6.4K views