Public/Private Partnership in Security


Upload: marsha

Post on 23-Feb-2016


DESCRIPTION

Public/Private Partnership in Security. Personal views and recommendations based on case studies. Jeff Williams, Director of Security Strategy, Dell SecureWorks - Counter Threat Unit. Botnet eradication efforts. Conficker. WinFixer. CoreFlood. Rustock. BHEK. Zotob. Zbot/ZeuS. Kelihos.A. Kelihos.B. Citadel. DNS Changer. Bredolab. Bamital. Public. - PowerPoint PPT Presentation

TRANSCRIPT

The Role of Public/Private Partnership in Proactive Security

Jeff Williams
Director of Security Strategy
Dell SecureWorks - Counter Threat Unit

Classification: //Dell SecureWorks/Confidential - Limited External Distribution:

[Diagram: Public / Private. Conficker, Citadel, WinFixer, CoreFlood, Zbot/ZeuS, DNS Changer, Kelihos.A, Rustock, Zotob, Bredolab, Waledac, Mariposa, Kelihos.C, Kelihos.B, BHEK, Bamital, Nitol]

This is a diagram showing relative levels of involvement by public sector and private sector, also indexed by the effectiveness of the operation long term.

UCO, T3, :

DNS

(MLAT)

/DNS

Zotob
Farid Essebar, Achraf Bahloul (), Atilla Ekici ()

Conficker
2008111 RPC (MS08-067) ADMIN$ SHA 1 RC4 (C) Windows Update, Security Center, Windows Defender, Windows, Conficker Working Group, 24096 RSA MD6

WinFixer
20052006 (2007) 200812 Innovative Marketing, James Reno, Sam Jain, Daniel Sundin, Marc D'Souza, Kristy Ross, 201216300 FBI Criminal case 1480

Rustock
20052011 spam ISP McColo Microsoft FireEye spam 7560

Kelihos
Microsoft, Kaspersky, Crowd Strike, Andrey Sabelnikov (), Dominique Alexander Piatti, 370022

Bredolab
20101025 FoxIT 143 (3 C&C) 20 Georgy Avanesov 20124

Coreflood
2010230 Dell SecureWorks ISC^2 FBI FBI Microsoft Coreflood

DNS Changer
20072011400 Aleureon (Aleureon?) FBI Dell SecureWorks ISC 61() DNS FBI ISP

Citadel
5 2 Microsoft Dell SecureWorks 1468 FBI Dell SecureWorks


ISP

STIX (Structured Threat Information Expression) / TAXII (Trusted Automated eXchange of Indicator Information)

(Santrex, CyberBunker)
