Alexis Dorais-Joncas
Last known affiliation: ESET
Bio: Alexis Dorais-Joncas started his career in cybersecurity in 2010, when he was hired by ESET as a malware researcher. In 2015, Alexis was appointed head of ESET’s R&D branch office located in Montreal, where he and his team focus on cutting-edge malware research, network security and targeted attack tracking. Their goal: shed light on the latest trends and developments in the malware ecosystem and implement efficient and innovative countermeasures to allow ESET customers to be safe online. Alexis is an established speaker on current cyberthreats, having spoken in front of both very technical audiences at events such as Bluehat and M3AAWG, and in higher-level settings such as RightsCon, SERENE-RISC workshops and GoSec. He has been quoted in several security and technical media such as Wired, ITWorldCanada, DarkReading and Ars Technica, with broadcast appearances on Radio-Canada and Skynews.
Alexis Dorais-Joncas 🗣 | Facundo Munoz 🗣
Abstract
Air-gapping is used to protect the most sensitive of networks: voting systems, ICSes running power grids, or SCADA systems operating nuclear centrifuges, just to name a few. In the first half of 2020 alone, three malicious frameworks devised to breach air-gapped networks emerged, making a grand total of 17 since Stuxnet in 2010. This prompted us to step back and reanalyze all those frameworks from the vantage point of having discovered and analyzed three of these in the past six years. We put the frameworks in perspective to see what history could teach us in order to improve air-gapped network security and our abilities to detect future attacks.
This exhaustive analysis allowed us to isolate several major similarities in all of them, even those 10 years apart. We pinpoint the specific areas of air-gapped networks constantly leveraged by malware and provide objective advice on how to best prioritize the deployment of resources to increase security.