Since the June 2016 announcement that the Democratic National Committee (DNC) had been breached by two Russia-based threat groups known as FANCY BEAR and COZY BEAR, the story has evolved from a presumed espionage operation into a series of strategic leaks and conflicting attribution claims. In this presentation, we’ll demonstrate techniques used to identify additional malicious infrastructure, assess the validity of the Guccifer 2.0 persona and other outlets like DCLeaks, and the strength of the attribution analysis.
Toni Gidwani is the Director of Research Operations at ThreatConnect and leads ThreatConnect’s research team, an elite group of globally-acknowledged cybersecurity experts dedicated to tracking down existing and emerging cyber threats. Prior to joining ThreatConnect, Toni led analytic teams in the U.S. Department of Defense. She is an adjunct faculty member at Georgetown University.