AusCERT 2014 Kicks Off

Edward Felten

Graham Ingram opened this year's AusCERT conference, the thirteenth, saying that the most obvious theme is what happens if you lose trust in security. "Where are you? What's left?" he pondered.

Now that we are in what Ingram called the "post-Snowden era", the security community needs to reconsider security completely. This is what drove this year's conference agenda, leading to what Ingram called a "battleground" as the program committee grappled with which speakers and topics should be covered.

Is Trust Dead?

The first speaker at this year's opening plenary session was Felix Lindner from Recurity Labs. His topic, "The Extinction of Trust", was founded on a quote by Nietzsche: "Convictions are more dangerous enemies of truth than lies". His talk, which was somewhere between a philosophical soliloquy, rant, ramble and analysis of the infosec world, covered a lot of ground.

The security industry, proposes Lindner, is based on people buying lots of tools, a preponderance of sensors providing information and a focus on the perimeter. But the real world is very different.

The actors in infosec are nation states and they are making the Internet a more dangerous place, reflected Lindner. Citing the work of Stephen Van Evera, Lindner discussed how Offensive-Defensive Theory is a substantial driver of the actions of nation-states in their offensive online activities. In short, there's a belief, according to Lindner, that many nation states "have a lot to gain for little effort". But he believes those perceptions are founded on assumptions rather than facts.

The focus of these nation-state attacks are often on critical infrastructure but this i
Lindner reflected on the history of the Internet. Reminding the audience that the Internet was initially created and funded by the military (back in the ARPANET days), he says it's no surprise "that they want it back". In parallel, the definition of what is a military target is increasingly fuzzy. Is an attack on a power grid a military action, what the UN calls war, or is it a use of force that isn't war?

The Wassenaar Arrangement, an international agreement covering the trade of arms, was modified to include "Intrusion software" in December 2013. While the widely used weapon of the 20th century was the AK47 rifle, in the 21st century the most widely used weapon is the botnet.

Lindner says that if you talk to security system and software vendors you'll learn that all technology in commercial security comes from hacker research. However, it's no longer legal to share this research as it's now considered arms dealing.

Continuing by doing the same things we've always done is like continuing to dig in order to get out of a hole. The only silver bullet for security is people.

"Whether we win against the bad guys is really not what matters. What really matters is what do we sacrifice and what do we keep safe," concluded Lindner.

Ultimately, Lindner's message was straightforward: "Trust security – it's all we have left".

Fight back against mass data collection

The second keynote speaker was Edward W Felten from Princeton University. He is also the Chief Technologist for the United States Federal Trade Commission.

He started by looking at the continuing release of data leaked by Edward Snowden, pointing out that there is a desire by the NSA to collect, process and exploit as much data as possible. This is a contrast to past strategies by agencies that only collected and processed targeted data.

How do we defend against an all-powerful adversary? How do we defend against pervasive insecurity?

Felten started by reminding the audience that trust, from a security point of view, has a very different meaning from the one generally attributed to it. In security terms, when one party trusts another it really means that you're letting them into your systems and that they will have access to sensitive material.

In his wide-ranging speech, Felten said it was important that the security community railed against mass data collection. For example, he suggested that telephone data records should not be stored en masse in a central repository – a position held by security agencies in the US – but retained in databases held by telcos.

Mass collection and retention by government agencies was a poor outcome for the community, he argued.

Awards and USB Sticks

Running in parallel with AusCERT 2014 is the Law Enforcement Challenge. Mark Laffam of the Australian Catholic University won this year's challenge.

Conference materials were provided on an encrypted USB stick this year. Hopefully, there won’t be a repeat of the embarrassing gaffe where USB sticks distributed at the 2008 event were infected with malware.
