Omer Coskun

Ethical Hacker Royal Dutch Telecom (NL)

BIOGRAPHY

Omer works as an Ethical Hacker for KPN’s (Royal Dutch Telecom) REDteam in Amsterdam, the Netherlands. He enjoys diving into lines of code to spot bugs, tinkering in front of the debugger and developing wise tactics/tools to break applications on his day to day work. Prior to joining KPN REDteam, Omer worked for companies like IBM ISS, Verizon and as an external government contractor. He holds an Honour’s Engineering degree in Computer Science.

Twitter: 0xM3R.

Why nation-state malwares target Telco Networks: Dissecting technical capabilities of Regin and its counterparts

The recent research in malware analysis suggests state actors allegedly use cyber espionage campaigns against GSM networks. Analysis of state-sponsored malwares such like Flame, Duqu, Uruborus and the Regin revealed that these were designed to sustain long-term intelligence-gathering operations by remaining under the radar. Antivirus companies made a great job in revealing technical details of the attack campaigns, however, it exclusively has almost focused on the executables or the memory dump of the infected systems – the research hasn’t been simulated in a real environment.

GSM networks still use ancient protocols; Signaling System 7 (SS7), GPRS Tunneling Protocol (GTP) and the Stream Control Transmission Protocol (SCTP) which contain loads of vulnerable components. Malware authors totally aware of it and weaponing exploits within their campaigns to grab encrypted and unencrypted streams of private communications handled by the Telecom companies. For instance, Regin was developed as a framework that can be customized with a wide range of different capabilities, one of the most interesting ability to monitor GSM networks.

In this talk, we are going to break down the Regin framework stages from a reverse engineering perspective – kernel driver infection scheme, virtual file system and its encryption scheme, kernel mode manager- while analyzing its behaviors on a GSM network and making technical comparison of its counterparts – such as TDL4, Uruborus, Duqu2.

Are you the next cyber security superstar?

If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.

Other speakers joining this year

Gustavo Grieco

Phd. student CIFASIS (AR)

Konrad Jedrzejczyk

Senior Incident IS Response Analyst (PL)

Yury Chemerkin

Security Expert (RU)

Ready for this year's presentations?

By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.

0
SPEAKERS
0
COUNTRIES
0
ATTENDEES
0
HACKING
COMPETITIONS
0
COMPANIES

Sponsors & Partners

They help us make this conference possible.

POWERED BY

As an infrastructure operator, technology integrator and IT&C services provider, Orange Business Services supports businesses and public entities in their digital transformation. Collect, transport, protect, store and process and analyze: they orchestrate every phase of the data journey, for your business to create even more value.

WWW.ORANGE.RO

PLATINUM PARTNERS

Ixia provides testing, visibility, security solutions, network testing tools and virtual network security solutions to strengthen applications across physical and virtual networks.

WWW.IXIACOM.COM

Secureworks provides threat intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

WWW.SECUREWORKS.COM

GOLD PARTNERS
SILVER PARTNERS
GAMING PARTNERS
VIP & SPEAKER LOUNGE PARTNER
BRONZE PARTNERS
COMMUNITY & MEDIA PARTNERS