https://www.msuiche.com/categories/incident-response/Recent content in Incident-Response on Matt SuicheHugoen-usSat, 10 Jun 2017 00:00:00 +0000https://www.msuiche.com/posts/lessons-from-tv5monde-2015-hack/Sat, 10 Jun 2017 00:00:00 +0000https://www.msuiche.com/posts/lessons-from-tv5monde-2015-hack/<p>This week during the SSTIC2017 annual cyber security conference, a French conference running consecutively since 2004, the National Cybersecurity Agency of France (ANSSI) gave a presentation detailing their 2015 audit of their investigation and remediation of the intrusion which affected TV5Monde television network channel. This intrusion was allegedly conducted by the <a href="http://securityaffairs.co/wordpress/37710/hacking/apt28-hacked-tv5monde.html" target="_blank" rel="noopener">Fancy Bear/APT28</a> actor, and resulted into broadcasting and social media sabotage.</p> <p>Although, this happened two years ago — hats off to both ANSSI and TV5Monde for sharing their experience, what they have learned and their methodology during the investigation. Very few companies understand the importance of sharing such information in order to prevent similar scenarios. This sort of feedback is incredibly valuable and informative for the community. Thanks.</p>