Incident Response & Threat Intelligence

B2: Going Undercover in the Underground - A Practical Guide on How to Safely Infiltrate and Engage

Thursday, June 8, 2023 11:00 AM - 12:00 PM

Room 405/406


The dark web is filled with threat actors planning nefarious crimes. Cybersecurity professionals know that threat hunting in these underground environments is necessary, but they don’t know the most crucial step to beginning the process. ‘How do you access the deep and dark web?’ and ‘How do you gain a threat actor’s trust?’ These are the most commonly asked questions of cybersecurity professionals preparing a proactive threat hunt. Navigating the underground requires dedication to persona management and setting up a safe and secure environment to ensure one does not expose themselves to malicious actors. Senior Threat Intel Specialist at Cybersixgill, Michael-Angelo Zummo, will demonstrate how to set up a secure environment (dirty machine) using Tails, how to find sources in the dark web, best practices when creating your first persona, communicate with threat actors, and of course, how to seek out threats once you gain access to the sources where threat actors plan, play, and profit. All while using real examples that attendees can try for themselves.

Learner Objectives

From this session attendees will: 1) Gain practical knowledge on the tools threat actors use to remain anonymous and communicate 2) Identify popular sources where threat actors communicate and share malicious tools and sensitive data 3) Learn how to threat hunt once one has successfully infiltrated these underground sources