Submitted by Ziv Mador and Ryan Barnett
This blog post will summarize a recent talk that we (Ryan Barnett and Ziv Mador) gave at the RSA 2014 conference where we showed how tactics used by different cyber-criminal gangs could be used by defenders. You can also listen to this previous SpiderLabs Radio podcast where Karl Sigler interviewed us about our talk.
Turning the Bad Guys Against Themselves
You may be familar with the Ouroboros symbol where a Serpent is eating its own tail. It symbolizes cyclicality and self-recreation and is applicable to the constant battles that security vendors/researchers have when facing bad guys. For our presentation, we used a modified version called "Dual Ouroboros" where you have two Serpents eating each other's tails.
This is the essence of the concept that we wanted to promote in our talk where we want to leverage the tactics and techniques used by one group of criminals and apply them defensively to help protect against a different criminal element.