Sponsors: RSA & Datashield
Topic: Exposing the Terracotta VPN – Anatomy of an Advanced Campaign
Summary: In August 2015, RSA uncovered details of a massive malware-supported VPN network being used as a launch platform for APT activity, dubbed “Terracotta”. This malicious service gave nation-state actors a way to obscure their true origin when acting on their objectives by tunneling their activities through VPN nodes silently installed on victim networks across the globe. This session will explain what Terracotta VPN is, how it works, and how it was ultimately discovered.
Presenter: Sean Ennis, RSA
Sean Ennis is a Principal Systems Engineer at RSA with over 10 years of experience designing and building security solutions for organizations across North America. With previous tenures at Bell Canada, Cisco (IronPort), and HP (TippingPoint), Sean has been at RSA for the last 5 years, focusing on consulting on the architecture, design, and operations of Security Operations and Critical Incident Response programs