 By Tom Madden, Chief Information Security Officer, Centers for Disease Control and Prevention.


1  By Tom Madden, Chief Information Security Officer, Centers for Disease Control and Prevention

2
- 34 years with the federal government
- 27 years involved in cyber security (was cyber security when cyber security wasn’t cool)
- 18 years in the nuclear weapons program
- Became CDC’s first CISO in 2003
- Entered the Senior Executive Service in 2008
- Most memorable quote from a JSU Professor in 1983
- Proud double alum of Jacksonville State University

3
- Participated in the National Critical Infrastructure Intelligence Committee with DNI, CIA, DIA, and FBI among others to determine national threat priorities

4
- Two fundamental models of attack after very different data
- A third model encompasses the conventional hacker who has different motives than the APT model
  o Rarely coordinated
  o Generally small in scope
  o Cannot be ignored

5
- Resembles a crime syndicate
- Targets financial institutions and other movers of money
- Extreme stealth
- Leaves very little behind
- Not well understood

6
- Extremely well organized
- Not after money – after data – any data
- Appears to be state sponsored
- Uses K-12 and large university systems as “drops”
- If not caught in the act (.rar 443) almost impossible to detect (needle in haystack)

7
- Education – education – education
- Teach developers security (cross-site scripting and SQL injection almost always present)
- Scan apps in development
- Harden domain controllers
- Two-factor authentication for all elevated actions

8
- The conference approach – use hospitality
- The birthday approach
- Common interests
- Visitor out smoking at the back door
- Service and repair

9
- A word about jobs!!!
- ADVANCED PERSISTENT THREAT (APT) against U.S. Business, Education and Government IT Installations
- Tom Madden
- 770-488-8666
- aqt6@cdc.gov

