Tom Hegel

Senior Threat Researcher at SentinelLabs

Tom Hegel

Tom Hegel is a cybersecurity researcher with a long history of tracking some of the most sophisticated and unique threat actors in the world. As a Senior Threat Researcher at SentinelLabs, he has uncovered and published numerous discoveries of APTs across Russia, China, Iran, North Korea, and more, as well as new mercenary groups and financially motivated Crimeware gangs. Some of Tom's most notable contributions include uncovering the tactics and infrastructure of the ModifiedElephant, a hack-for-hire organization responsible for attacks and evidence planting campaigns against human rights activists, as well as his work tracking the operations of Chinese state-sponsored attackers such as Scarab and APT41. Tom's research has had a significant impact on the wider cybersecurity community, helping to improve defenses against these and other threat actors. In addition to his research supporting governments and businesses, Tom is passionate about humanitarian cybersecurity work and has worked on projects to help vulnerable communities and organizations around the world improve their security posture, including providing guidance and support to at-risk activists and journalists.

Talk: Analysis of a Pro-Russian Hacktivist Group Targeting NATO.

The focus of this presentation is to provide an in-depth analysis of NoName057(16), a pro-Russian hacktivist group that has gained notoriety in the past year due to its attacks against NATO government entities and private businesses. The presentation aims to explore the group's motivations, tactics, and techniques, as well as the impact of its attacks on specific targeted organizations.

Through a detailed examination of some of the group's most notable activity, including DDoS attacks and volunteer organized payment programs, the presentation will provide attendees with a technical understanding of the methods employed by NoName057(16). Additionally, the presentation will shed light on the operational techniques utilized by the group, which enable them to continue their campaigns today.

Furthermore, the presentation will discuss the attribution process, including the specific steps taken to achieve it. Attendees will gain insights into the evolving nature of nation-state backed hacktivist threats and will be provided with a comprehensive background on one such rising group.