Reverse Engineering Attribution: The Man Behind the Man Behind the Curtain

Posted on in Presentations

Attackers can easily reverse engineer common attribution techniques to deliberately mislead investigators and security teams. This session will take a look at misattribution tactics and what the implications are for risk management.

Learning Objectives:
1: Learn how adversaries can misdirect attribution analysis.
2: Understand how the possibility of deception should affect attribution analysis.
3: Understand how to take the possibility of deception into account when making security decisions.

Awareness of threat actor attribution analysis that is generally discussed in the cybersecurity industry today. Familiarity with specific attribution techniques that are commonly used would also be beneficial but is not a must-have.

John Miller


Head of Mandiant Intelligence Analysis, Google Cloud

Jayce Nichols


Senior Director of Collection & Research, FireEye Inc.

Share With Your Community