The Threat Actor Behind SOLARWINDS SUNBURST Supply Chain Attack

Please join us for Defending Against, Investigating, and Responding to UNC2452 Intrusions – The Threat Actor Behind SOLARWINDS SUNBURST Supply Chain Attack presentation on Tuesday, May 25, 2021 from 12pm to 1pm presented by Nader Zaveri from Mandiant.  Please register for the event at: https://attendee.gotowebinar.com/register/1353055025830960398.  After registering, you will receive an email confirmation with information about joining the webinar.  Feel free to share this event with people outside of our organization.

UNC2452, the threat actor behind the SolarWinds SUNBURST supply chain attack, is one of the most advanced, disciplined, and elusive threat actors Mandiant has ever investigated. UNC2452’s operators have a mastery of both offensive and defensive skills – and have used that knowledge to refine their intrusion techniques to hide in plain sight. They’ve compromised dozens of organizations in the government, NGO, technology, security, telecommunications, and education sectors. They leverage several attack vectors to obtain access to victim environments and use creative and clandestine techniques to maintain persistent access. We will discuss their tradecraft observed in several victim environments and discuss ways organizations can better defend their networks from this threat actor and the other actors that will emulate UNC2452 in the future.

About our speaker:

Nader Zaveri has over 14 years of experience in IT security, infrastructure, and risk management.

Nader has assisted client’s incident response investigations to help investigate and understand the storyline of the attack for most allusive nation-state threat actors that are associated with infamous on-prem and cloud-based breaches. He also leads the remediation efforts with his knowledge and experience by providing strategic short, medium, and long-term remediation recommendations to directors and C-level executives. He also leads the efforts in providing tactical recommendations to specialists, to improve the security posture of an organization. Nader also has experience with leading transformational projects over infrastructure and processes with technical and organizational change components in response to rapidly evolving business needs and regulatory requirements.

Nader Zaveri conducted interviews and presentations for dozens of organizations and conferences regarding cloud and on-prem Incident Response and Remediation topics. He regularly provides security updates and briefings to C-Suite personnel during and after an incident, as well as assist with post-remediation and hardening efforts for the organization.

Prior to joining Mandiant, Nader Zaveri spent several years in leadership positions at major cyber security consulting firms. Before joining consulting, Nader worked as a lead practitioner for multi-national organizations.