15
OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab

Analogic Opsec 101

Embed Size (px)

Citation preview

Page 1: Analogic Opsec 101

OPSEC KRAV MAGA

Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab

Page 2: Analogic Opsec 101

OPSEC AGAIN! WHY?

2

•  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules”

Security Analyst Summit 2015

Page 3: Analogic Opsec 101

ADVERSARIES

3

•  Adversary != Enemy

Resources vs No Resources

Agencies The rest *.Mil Big Bad Boys

Security Analyst Summit 2015

ProTip: Don´t let your PR feed

these guys for free

Page 4: Analogic Opsec 101

MASS SURVEILLANCE

4

•  Good ROI for Agencies! •  They don´t like encryption

•  PGP, ZRTP, OTR, TrueCrypt

Security Analyst Summit 2015

Page 5: Analogic Opsec 101

MASS SURVEILLANCE

5

•  Some inherent problems •  And some non-technical problems

Security Analyst Summit 2015

Page 6: Analogic Opsec 101

RECRUITMENT

6

Security Analyst Summit 2015

•  Neglected approach ? •  Approaches and interaction. •  Move to termination.

Page 7: Analogic Opsec 101

TERMINATION

7

Security Analyst Summit 2015

•  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.

Page 8: Analogic Opsec 101

SUSPICIOUS MEETINGS

8

•  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready.

•  The trap might NOT be the meeting!

Security Analyst Summit 2015

Page 9: Analogic Opsec 101

UNPLEASANT COMPANY

9

•  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach.

•  Better: inform your people

Security Analyst Summit 2015

Page 10: Analogic Opsec 101

BORDERS

10

•  If you consent a search, no warrant needed.

•  Police can search your computer at the border without a warrant.

•  Warrant limitations are ignored if they see something illegal while searching.

•  You don´t have to help or answer questions.

•  You cannot interfere or lie to an officer.

Security Analyst Summit 2015

Page 11: Analogic Opsec 101

BORDERS – OUR ADVICE

11

•  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you.

Security Analyst Summit 2015

Page 12: Analogic Opsec 101

EXTENDING OPSEC

12

Your company should provide you:

•  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are

going to.

Security Analyst Summit 2015

Page 13: Analogic Opsec 101

13 Security Analyst Summit 2015

Do your homework.

Page 14: Analogic Opsec 101

CONCLUSION

14

•  STFU.

•  Discipline over tools.

•  Preparation and alternatives.

•  Don´t forget your role.

Security Analyst Summit 2015

Page 15: Analogic Opsec 101

THANK YOU Dani Creus Vicente Díaz @them0ux @trompi


Eidws 111 opsec

Eidws 111 opsec

Technology
Killing with keyboards[opsec]

Killing with keyboards[opsec]

Technology
OPSEC for Kids

OPSEC for Kids

Education
WAGNER, Roy. Analogic Kinship. a Diribi Example

WAGNER, Roy. Analogic Kinship. a Diribi Example

Documents
OPSEC Newsletter

OPSEC Newsletter

Documents
UNCLASSIFIED OPSEC AND THE HOLIDAY SEASON. UNCLASSIFIED O VERVIEW What does OPSEC have to do with the holidays? OPSEC and Shopping Presents! OPSEC at

UNCLASSIFIED OPSEC AND THE HOLIDAY SEASON. UNCLASSIFIED O VERVIEW What does OPSEC have to do with the holidays? OPSEC and Shopping Presents! OPSEC at

Documents
Opsec for hackers

Opsec for hackers

Entertainment & Humor
OPSEC- How to Install

OPSEC- How to Install

Documents
Convertor Analogic-digital

Convertor Analogic-digital

Documents
CyBEr OPSEC - DoDEA

CyBEr OPSEC - DoDEA

Documents
Analogic Link08 Presentation

Analogic Link08 Presentation

Documents
Opsec for security researchers

Opsec for security researchers

Internet
Dairy - Analogic

Dairy - Analogic

Documents
OPERATIONS SECURITY (OPSEC) GUIDE

OPERATIONS SECURITY (OPSEC) GUIDE

Documents
Geotags and opsec

Geotags and opsec

Technology
OPSEC and Social Networking

OPSEC and Social Networking

Documents
OPERATIONS SECURITY (OPSEC)

OPERATIONS SECURITY (OPSEC)

Documents
OPSEC awareness data aggregation

OPSEC awareness data aggregation

Education
OPSEC 7 APR

OPSEC 7 APR

Documents
Analogic Circuits

Analogic Circuits

Documents
OPSEC for Families

OPSEC for Families

Education
Analogic Supply Chain Quality Manual2gxj9i15530c1434fe5wog0d-wpengine.netdna-ssl.com/wp-content/uploads/... · Corporation and its affiliates (Collectively, “Analogic”). This

Analogic Supply Chain Quality Manual2gxj9i15530c1434fe5wog0d-wpengine.netdna-ssl.com/wp-content/uploads/... · Corporation and its affiliates (Collectively, “Analogic”). This

Documents
OPSEC Family Style

OPSEC Family Style

Documents
OPSEC Countermeasures Michael Chesbro DES OPSEC Officer

OPSEC Countermeasures Michael Chesbro DES OPSEC Officer

Documents
OPSEC Vulnerabilities And Indicators

OPSEC Vulnerabilities And Indicators

Education
OPSEC snapshot

OPSEC snapshot

Documents
OPSEC Briefing - Civil Air Patrol · 2018-08-23 · OPSEC is what you make of it. • The way ahead • Annual OPSEC training requirements in compliance with AFI 10 -701 • OPSEC

OPSEC Briefing - Civil Air Patrol · 2018-08-23 · OPSEC is what you make of it. • The way ahead • Annual OPSEC training requirements in compliance with AFI 10 -701 • OPSEC

Documents
Analogic electronics. Notes in Greek

Analogic electronics. Notes in Greek

Documents
Check Point™ UAA for OPSEC Developers - pudn.comread.pudn.com/downloads142/doc/614417/UAA_OPSECDEV.pdf · The OPSEC UserAuthority API and the OPSEC API provide functions for querying,

Check Point™ UAA for OPSEC Developers - pudn.comread.pudn.com/downloads142/doc/614417/UAA_OPSECDEV.pdf · The OPSEC UserAuthority API and the OPSEC API provide functions for querying,

Documents
Analogic Kinship - Wagner

Analogic Kinship - Wagner

Documents