Skip to main content

Episode 18: Christopher "Tophs" Elisan on Malware Trends

by Chris Brook on Wednesday March 14, 2018

Contact Us
Free Demo

In the latest episode of the Digital Guardian podcast, Christopher "Tophs" Elisan, Principal Malware Scientist at RSA, describes recent malware trends he's seen, two approaches to thinking about breaches, and the dangers of attributing attacks.

Welcome to Episode 18 of the Digital Guardian Podcast! On this episode our hosts Will Gragido and Chris Brook chat with Christopher "Tophs" Elisan, Principal Malware Scientist at RSA about his introduction to information security, including stints at Trend Micro, Damballa, and F-Secure before landing at RSA. Tophs describes a few trends he's seen adopted by malware authors as of late, including using commercial solutions as threat infrastructure. Tophs, Will, and Chris also briefly discuss breaches, the concept of "malware factories," and the dangers of attribution around Olympic Destroyer, the malware that hit the Olympic Games earlier this month. As always, you can listen and subscribe to our podcast via SoundCloud, iTunes, or Google Play to keep up with new episodes every month.

Highlights from this episode include:

  • 02:18 - Tophs describes how he got his start in infosec
  • 13:57 - Tophs on the origin of the term "watering hole attack"
  • 16:01 - Tophs explains how malware is still able to excite him after all these years
  • 17:16 - "What type of malware really impresses you?"
  • 21:10 - How has the concept of the "malware factory" evolved over time?
  • 27:41 - The difference between intent-drive breaches and opportunistic breaches
  • 33:45 - Looking ahead to 2018 and 2019, will Equifax be the high water mark when it comes to breaches?
  • 35:11 Will open source technology continue to be an attack vector?
  • 40:00 - Tophs on Olympic Destroyer and the dangers of attribution

Intro/outro music: "Groovy Baby" by Jason Shaw, licensed under CC BY 3.0 US

Previously on the Digital Guardian Podcast

Tags:  Podcast Malware

Recommended Resources

The Definitive Guide to DLP

All the essential information you need about DLP in one eBook.

The Ultimate Guide to Data Protection

Everything you need to know about data protection but were afraid to ask.