Don't Bring Me Down: Weaponizing Botnets

We're seeing an evolution in botnets. The impact of Mirai bringing down a huge swath of the internet two years ago raised awareness but the release of the Mirai code has raised a new army of botnets that are capable of more than just DDOS on basic systems. But Mirai isn’t the only botnet in town. There are some serious contenders with unexpected enhancements looking for new recruits to work in the bitcoin mines. Routers and cameras and toasters – oh my! The ongoing deluge of devices that connect to the Internet is an IoT nightmare, and an attacker’s dream. Default credentials and weak passwords are only the beginning. Especially with a bevy of unpatched, vulnerable systems on which to unleash some substantial exploits. Persistence and lateral movement ftw! DDoS isn’t just child’s play when attacks are in the realm of terabytes. What happens when we move past outages, and into destructive payloads? And what happens when weaponization meets automation? In this talk, we’ll explore what may come next when nation states move into the turf once held by script kiddies, and build-a-bot gets leveled up in a very bad way. Cheryl Biswas (Strategic threat intel analyst at TD) Cheryl Biswas, aka @3ncr1pt3d, is a Strategic Threat Intel Analyst with TD Bank in Toronto, Canada. Previously, she was a Cyber Security Consultant with KPMG and worked on security audits and assessment, privacy, breaches, and DRP. Her experience includes project management, vendor management and change management. Cheryl holds an ITIL certification and a degree in Political Science. Her areas of interest include APTs, mainframes, ransomware, ICS SCADA, and building threat intel. She actively shares her passion for security online, as a speaker and a volunteer at conferences, and by encouraging women and diversity in Infosec as a founder and member of the "The Diana Initiative".