Aamil Karimi is a former US Army All-Source intelligence analyst and spent over 6 years in Afghanistan working with the US Army, Air Force Office of Special Investigations, and USSOCOM as an all-source and Human Intelligence (HUMINT) analyst and subject-matter expert. Over the last 8 years, Aamil has worked with managed security service providers (MSSPs) and large organizations to build and maintain cyber intelligence programs and standardize collection and analysis operations by combining past experiences with accepted intelligence best-practices.
Every day, researchers and analysts are bombarded with new sets of data and information pertaining to threats and adversaries. This is not very different from what intelligence analysts encounter in physical terrain warfare. In both cases, intelligence can only succeed in looking beyond the flavor of the week by applying timely, qualitative analysis to relevant information. In this presentation we will discuss:
Examples of observing common and older tactics and vulnerabilities that are actively being leveraged (instead of theoretical risks)
Using historical information to make well-informed assessments of future adversary courses of action
Applying qualitative-based risk assessments to adversaries based on observed capabilities and intent
Utilizing non-technical methods of intelligence collection such as human intelligence
We’ll also walk through real-life examples, including our hands-on experience in confirming tactics used by hacktivists during an actual campaign, and tracing suspected ties between a Middle Eastern paramilitary organization and a domestic cyber adversary.