OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
OPSEC KRAV MAGA
Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
OPSEC AGAIN! WHY?
2
• Unsolved questions. • Non technical stuff. • Unrealistic advices. • The “Jordan Rules”
Security Analyst Summit 2015
ADVERSARIES
3
• Adversary != Enemy
Resources vs No Resources
Agencies The rest *.Mil Big Bad Boys
Security Analyst Summit 2015
ProTip: Don´t let your PR feed
these guys for free
MASS SURVEILLANCE
4
• Good ROI for Agencies! • They don´t like encryption
• PGP, ZRTP, OTR, TrueCrypt
Security Analyst Summit 2015
MASS SURVEILLANCE
5
• Some inherent problems • And some non-technical problems
Security Analyst Summit 2015
RECRUITMENT
6
Security Analyst Summit 2015
• Neglected approach ? • Approaches and interaction. • Move to termination.
TERMINATION
7
Security Analyst Summit 2015
• Deterrence is your best option. • Plan alternatives. • Prepare an escalation strategy.
SUSPICIOUS MEETINGS
8
• Don´t go alone. • Go on your own, plan how to get out. • Dead man switch. • Tell them you are ready.
• The trap might NOT be the meeting!
Security Analyst Summit 2015
UNPLEASANT COMPANY
9
• Suspicious patterns. • You are not James Bond. • Go to a safe place, protect contacts. • Ask yourself what they want. • Option: direct approach.
• Better: inform your people
Security Analyst Summit 2015
BORDERS
10
• If you consent a search, no warrant needed.
• Police can search your computer at the border without a warrant.
• Warrant limitations are ignored if they see something illegal while searching.
• You don´t have to help or answer questions.
• You cannot interfere or lie to an officer.
Security Analyst Summit 2015
BORDERS – OUR ADVICE
11
• Be collaborative. • Don´t make things worse. • Have your story ready and back it up. • Don´t bring anything with you.
Security Analyst Summit 2015
EXTENDING OPSEC
12
Your company should provide you:
• Single POC for when in trouble. • International legal support. • Small briefing on the country you are
going to.
Security Analyst Summit 2015
CONCLUSION
14
• STFU.
• Discipline over tools.
• Preparation and alternatives.
• Don´t forget your role.
Security Analyst Summit 2015