Infosec Europe 2010 ran 27-29 April at Earls Court. I gave a session on the evolved DDoS landscape — covering the trajectory from the 2008 talk through specific cumulative subsequent developments including Estonia patterns, DDoS-for-hire commercialisation, and the emerging APT framing where targeted threats and DDoS sometimes converge.
This is a longer post because the conference engagement continues to be structurally meaningful.
The session
The session covered the cumulative DDoS trajectory from 2007 through 2010. Specific cumulative material included.
Updated trajectory observations. Specific cumulative cumulative cumulative subsequent DDoS-extortion patterns, specific cumulative cumulative cumulative subsequent political-cyber events (Estonia, Russia-Georgia, Twitter), specific cumulative cumulative cumulative subsequent commercial-cybercrime maturation.
The APT-DDoS intersection. Aurora and similar APT-style activity sometimes uses DDoS as part of broader operations — distraction, infrastructure denial during specific cumulative subsequent intrusion attempts, specific cumulative cumulative cumulative subsequent operational denial. Specific cumulative cumulative cumulative subsequent conversation about cross-category threat-model attention.
Defensive infrastructure trajectory. Specific cumulative cumulative subsequent carrier-level mitigation, specific cumulative subsequent industry coordination structures, specific cumulative cumulative cumulative subsequent client-level defensive disciplines.
Operational guidance. Specific cumulative cumulative subsequent advisory for the specific cumulative cumulative audience — what to invest in, what cumulative cumulative subsequent effect to expect, what cumulative cumulative cumulative subsequent trajectory to plan for.
The session went substantively well. Specific cumulative cumulative subsequent question-and-answer was substantive; specific cumulative cumulative subsequent attendee correspondence has continued in the days since.
The conversations
The cumulative practitioner-network development continues to be the most rewarding aspect of cumulative conference engagement.
Specific cumulative peer-CISO conversations. Specific cumulative cumulative subsequent operators at major UK organisations had substantive conversations during the breaks. Specific cumulative cumulative cumulative subsequent challenges (DDoS readiness, APT-style threat-model attention, specific cumulative cumulative cumulative subsequent regulatory compliance) were discussed.
Specific cumulative cumulative book-related correspondence. Specific cumulative cumulative subsequent readers of Evolution of DDoS introduced themselves; the cumulative book continues producing cumulative cumulative subsequent connections two-and-a-half years after publication.
Specific cumulative cumulative subsequent introductions to specific cumulative cumulative cumulative subsequent operators I had not met. The cumulative practitioner network expansion continues.
The cumulative cumulative conference value has been substantive. Specific cumulative cumulative subsequent operational work will benefit from cumulative cumulative cumulative subsequent network expansion.
What I am taking from the cumulative experience
Three observations.
The DDoS trajectory continues. Specific cumulative cumulative subsequent events through 2010 will continue informing specific cumulative cumulative cumulative subsequent thinking; specific cumulative cumulative cumulative subsequent writing may follow.
The APT framing has substantially landed. Specific cumulative cumulative cumulative subsequent operators across the audience are now thinking about APT-style threats; specific cumulative cumulative cumulative subsequent defensive infrastructure planning reflects the framing.
Specific cumulative cumulative subsequent industry coordination structures matter more than was previously appreciated. Specific cumulative cumulative subsequent operators participating in coordination structures produce better outcomes than those that do not.
What I am doing
For Hedgehog: continued client engagement; specific cumulative cumulative cumulative subsequent work draws on Infosec engagement.
For Northcott: continued secondment work; specific cumulative cumulative cumulative cumulative subsequent operational variety.
For my own continued writing: cumulative archive continues.
More in time.