#IICSG2018 Conference Deep-Tech Track
Day 1 (24 May 2018)
@ Stamford Ballroom (Olivia)
Full Disk Encryption (FDE) can be a useful defense against theft of a computer system. However, when the system is compromised and requires careful forensic analysis, FDE can be quite painful for forensic analysts. Unless you are dealing with standard and widely supported encryption such as LUKS, BitLocker, TrueCrypt or a few others, it might be really hard to get through the layers of crypto code in proprietary software.
This presentation will attempt to solve this by introducing a way to break into a live, running custom FDE setup remotely.
About Vitaly Kamluk
Vitaly has been involved in malware research at Kaspersky Lab since 2005. In 2008, he was appointed Senior Antivirus Expert, before going on to become Director of the EEMEA Research Center in 2009. He spent a year in Japan focusing on major local threats affecting the region. In 2014 he was seconded to the INTERPOL Global Complex for Innovation in Singapore, where for 2 years he worked in the INTERPOL Digital Crime Center specializing in malware reverse engineering, digital forensics and cybercrime investigation. Vitaly has presented at many public international security conferences including Blackhat USA, Blackhat Asia, Defcon, HITCON, BSides Las Vegas, PHDays, ZeroNights, FIRST and Ruxcon, as well as multiple closed-door invite-only security industry events. He is a trainer of Yara for threat intelligence researchers and an author of the open-source project Bitscout for remote digital forensics.
About Nicolas Collery
Nicolas Collery has been in the security field for over 15 years, focusing on fighting cybercrime. He is passionate about forensics, malware analysis, and now simulating attacks that focus on real adversaries' tactics, techniques and procedures (TTPs) to assess the capability to prevent, detect and respond. He has worked on the implementation of some of the current security controls that help to provide security and peace of mind to its customers.