• Marcel van den Berg – Threat Intel Case studies: The bigger picture of SOHO router pharming and DoFoil

    Bio

    Marcel van den Berg is Team Lead for the Threat Intelligence Group at Team Cymru. Before joining Team Cymru in 2008, Mr. van den Berg was a law enforcement officer for 13 years and helped setup the National High Tech Crime team at the Dutch National Police.

    Abstract

    Internet Threat Intelligence can be a challenge to understand. It is more than looking at where security incidents are happening. Answering the questions who?, why? and how? are as important to fully understand the threats faced.

    This talk provides a case study on how we analyzed a network of more than 300.000 compromised SOHO routers and answered the who and why question. We also provide insight on how we linked DDoS attacks on a government to malware and botnets of Eastern European criminals.