Infosec at AusCERT 2013: the media coverage

Here’s a list of the news stories I’ve found this morning that have been written about the AusCERT 2013 information security conference.

The theme for this year’s conference was “This time it’s personal”:

[The theme reflects] the growth in attacks and unauthorised disclosures of online personal information. Motivated by illicit financial gain, cyber criminals obtain unauthorised access to personal information, but more and more, we are seeing data disclosures being posted publicly by attackers for political motives, rather than financial gain.

Hence the theme will resonate within the information security community and remind us that the online environment provides opportunities galore to capture personal information; of the impact these breaches can have on the lives of individuals; and the importance of information security to prevent these attacks. AusCERT2013 will explore these issues and bring experts from Australia and around the world to provide insight and solutions to deal with these challenges.

Items are arranged alphabetically by masthead and then chronologically. If I’ve missed anything, please let me know. Indeed, I daresay that some more articles will be published on Monday or Tuesday, so if that happens I’ll update this post appropriately.

There’s a lot here for me to read, so if I’m going to write a reaction piece some time then it’ll be… later.

The Australian

• Banks urged to upgrade ATMs
• AFP seeks social monitoring tools
• Hackers could trigger heart attacks
• Cyber spies lead G20 security threat

Australian Financial Review

• Kaspersky says Huawei had wrong attitude to government
• NBN must be secure: Google chief
• Google Glass and social media to help police investigations

Business Spectator

• Very close to the worst case cyber security scenario: Kaspersky

CSO Online

• AusCERT 2013: NBN users need security professionals’ help, says Google: Google has urged security professionals to help Australians stay safe on the National Broadband Network (NBN).
• Dell targets ANZ security opportunities as SecureWorks debuts locally: An IT security skills crunch may be hitting many established security providers and security-conscious companies, but new entrant Dell SecureWorks is confident it can thrive as it today throws its white hat into the ANZ security-services ring.
• In pictures: AusCERT 2013 Day One: The annual AusCERT conference began on the Gold Coast with an invasion by some friendly storm troopers. Delegates heard insights from Google, the Department of Environment and Queensland Police Service. The conference continues until Friday.
• AusCERT 2013: Big data skills help beat the bad guys, says HP: HP’s Colin Henderson believes the security industry needs to become more adept at understanding the role of big data in security analysis, to try and stay ahead of an increasingly sophisticated and collaborative “black hat” world.
• AusCERT 2013: Home-electronics gear’s UPnP as insecure in Australia as rest of world: Metasploit: Australia’s Internet space shows the same distribution of vulnerable IP ports as the rest of the world and a dangerous preponderance of insecure Universal Plug ‘n’ Play (UPnP) devices, Metasploit Project founder HD Moore has warned while recounting the surprising results of his efforts to catalogue the results of communicating with every IP address on the Internet.
• AusCERT 2013: Users, cats more likely hack culprits than cyber-espionage: Trustwave: Organisations convinced they have been the victims of state-sponsored cyberattacks may want to take a deep breath and look at their employees first, one security expert has advised during his address at the AusCERT 2013 security conference.
• AusCERT 2013: Police urge banks to install ATM chip technology: Australians will continue to be ripped off by international crime syndicates unless banks fast track the rollout of ATM chip technology, according to Queensland Police Detective Superintendent Brian Hay.
• AusCERT 2013: World needs debate about “hack-back” rules of engagement: It’s time for a debate about the kinds of actions that infosec professionals are allowed to take against attackers, according to CrowdStrike co-founder and CTO Dmitri Alperovitch.
• AusCERT 2013: Ashley Deuble: Network Security Monitoring with Security Onion: Although web application attacks have existed for over the last 10 years, simple coding errors, failed input validation and output sanitization continue to exist in web applications that have led to disclosures for many well-known companies. The most prevalent web application attacks are SQL Injection, Cross Site Scripting and OS Command Injection. With an increased number of companies conducting buisness over the Internet, many attackers are taking advantage of lax security and poor coding techniques to exploit web applications for fame, notoriety and financial gain.
• AusCERT 2013: World needs debate about “hack-back” rules of engagement: It’s time for a debate about the kinds of actions that infosec professionals are allowed to take against attackers, according to CrowdStrike co-founder and CTO Dmitri Alperovitch.
• AusCERT 2013: What’s it like to be a ‘Nigerian scam’ victim?: Feelings of shame and despair at being conned out of $300,000 by a convincing Nigerian based email scam led Queensland interior decorator Jill Ambrose to attempt suicide twice.
• AusCERT 2013: Cloud-based scanner identifies new malware by its ancestry: Polymorphic malware may be good at evading signature-based scanning engines, but the application of advanced algorithms to terabytes’ worth of malware dumps is enabling one Deakin University PhD student to detect even new strains of malware by assessing their similarity to existing, known malicious code.
• AusCERT 2013: Low-level analysis can find, map data deleted from Android phones: Android-based smartphones are not only gaining notoriety as being susceptible to malware, but research presented by a Queensland University of Technology (QUT) forensic expert confirms that it’s possible to extract personal information from an Android phone long after that data has been deleted.
• AusCERT 2013: Perimeter protection has failed, encryption needs its day in the sun: In a security industry that hasn’t changed much in 20 years, SafeNet’s Andrew Younger says, it’s strange that nothing much has changed in that time – except that we keep failing.
• AusCERT organisation celebrates 20 years: Fireworks lit up the sky as the AusCERT organisation kicked off its 20th birthday to coincide with the annual awards night.
• AusCERT 2013:Packetloop looks at the half-life of security information: Data is at its most valuable just after it’s created, and vulnerability data in particular has a short half-life, says Packetloop’s Michael Baker.
• AusCERT 2013: Interview with Dr Lizzie Coles-Kemp: Dr Lizzie Coles-Kemp is a senior lecturer in the Information Security Group, Royal Holloway University of London. She is keenly interested in how social behaviours influence our attitudes to security. For example, in communities where Internet accounts need to be shared between family members, the security professional’s assumption that one account and password identifies one person is undermined. CSO spoke to Dr Coles-Kemp about the nexus between social behaviours and information security.
• AusCERT 2013: Visibility critical when selling IT security to execs, says Foxtel CSO: Hard-to-find security skills and the rapid pace of malware evolution make a strong relationship with a managed security services (MSS) provider as important as maintaining the internal tools to keep business executives apprised of IT-security risk, Foxtel information security manager Kevin Shaw has advised.
• AusCERT 2013: ‘Hacktivism’ may have passed its prime, but it still left its mark: Get used to hacktivism, because we’re stick with it – but whether it fits the media image of “Anonymous”, or how long Anonymous as it first emerged will continue, is a different question. That’s the message from Forbes’ Parmy Olsen, author of We Are Anonymous: Inside the Hacker World of Anonymous, LulzSec and the Global Cyber Insurgency, speaking to AusCERT 2013.
• AusCERT 2013: Deploying BYOD in a government environment: Strong executive desire to use iPhones led the Department of Sustainability, Environment, Water, Population and Communities to start looking for solutions that would separate government from personal information.
• AusCERT 2013: International cyberwar response more complex than geopolitical treaties: NATO CCD COE analyst: They may not be able to call on real-world cooperation and defence agreements to build their cyberspace defences yet, but government security organisations may find value in emulating Estonia’s experience building a voluntary ‘cyber corps’ of security professionals available in times of need, NATO CCD COE (Cyber Defence Centre of Excellence) analyst Anna-Maria Talihärm has advised.
• In pictures: AusCERT 2013 gala awards night: The annual AusCERT gala awards night kicked off with fireworks as the organisation celebrated its 20th birthday. Guests enjoyed entertainment from comedian Adam Spencer while taking the chance to network.
• In pictures: AusCERT 2013 roundup: Vendors and delegates were out in force for AusCERT 2013 on the Gold Coast. Here’s a roundup of some of the action.
• AusCERT 2013: Companies unaware of IPv6 security risk even if they’re not using it: Software vendors’ proactive approach to IPv6 has created a glaring security hole for companies that think they haven’t activated the next-generation Internet addressing protocol yet, Cisco Systems consulting security engineer Stefan Avgoustakis has warned.
• AusCERT 2013: Unmanaged, unknown privileged logins opening the door for APTs: Cyber-Ark: Many companies find out the hard way that poorly managed distribution of sensitive access credentials is helping advanced persistent threats (APTs) scour networks for privileged-user credentials, Cyber-Ark’s Asia-Pacific vice president Dan Dinnar has warned.
• AusCERT 2013: Kill the password, says Mozilla: Mozilla Persona had one of its first conference Australian outings at AusCERT 2013, with software engineer on the project, New Zealand-based Francois Marier’s tutorial on the architecture of the identity project.
• AusCERT 2013: Four dissenters to spur next year’s security debates: Dissent is always more enjoyable than conformity. Not only does it make a better story for a journalist, it occasionally forces people to think.

The Register

• Embedded systems vendors careless says Metasploit author: ‘Own five percent of the Internet without even blinking’.
• SCADA security is better and worse than we think: ‘Kill chains’ are long and attack-stopping weak links are many.

SC Magazine

• The boring and the obvious matters: Google’s Michael T Jones on the importance of helping the masses.
• AusCERT 2013: Photos day one.
• Hacking humans: When Hollywood hacking becomes plausible.
• AusCERT2013: Cyberwar of words: Conventional warfare isn’t cyber.
• Shadowserver fights amplified DDoS attacks: Fingers recursive DNS servers.
• Dragon at the Gates: Lt Col Bill Hagestad asks: do we truly understand the Chinese cyber challenge?
• Red Hat boffin probes North Korea: Intel gathering highlights infosec weaknesses on a broad scale.
• CrowdStrike: Jump the gun: Security industry called to take assertive action.
• AusCERT2013: Risk assessment tutorial: How to stop execs gambling on information security.
• Love in the time of online scams: Queensland Police on tackling romance scams with ‘reverse social-engineering’.
• Department of Sustainability goes BYOD: Push comes from the top.
• Cops probe social media after London attack: Tracking sentiment with software.
• AusCERT 2013: Photos day two.
• Investing in the human firewall: Remember the human element.

Sydney Morning Herald

• Amateur sleuths crack North Korean secrets: An online community of amateur satellite sleuths are [sic] gathering intelligence about North Korea by comparing historical differences in satellite imagery.
• The fly-by, Wi-Fi hacking machine.

ZDNet

• Be the internet police, not an internet dictator: Google: Users could be saved from a lot of pain if information security professionals acted like dictators and forced them to patch, update and take precautions, but Google’s chief technology advocate has called for a less totalitarian scheme.
• AusCERT 2013: This time it’s personal: As another AusCERT conference kicked off in the Gold Coast today, Munir Kotadia explains why he is disillusioned with security in all its forms.
• Did the US force China to develop its online army?: Whether the US or China started the online fight, both sides are rallying forces, and with the right spark, it could end with catastrophic consequences.
• When the CISO shouldn’t blow the whistle on vulnerabilities: Highlighting the fact that there are security vulnerabilities in your organisation sounds like common sense, but there is such a thing as doing it too fast, according to Foxtel CISO Kevin Shaw.
• Online businesses need citizens’ arrest powers: Alperovitch: Former McAfee Threat Research vice-president Dmitri Alperovitch has called for greater powers for private companies, saying that they should be allowed to make citizens’ arrests and limited retaliatory action against hackers.
• AusCERT 2013 day 1: Speed, fraud, and interruptions: What do security specialist HD Moore and the Queensland Police have in common? They both feature in this lighthearted round-up of day 1 at AusCERT 2013.
• AusCERT 2013 Day 1 (photo feature): AusCERT has returned to the Gold Coast for another year, and ZDNet was there to bring you all the highlights.
• AusCERT 2013: Parrot Drone war: Munir Kotadia took a Parrot 2.0 Drone to this year’s security conference, but things didn’t quite go to plan.
• US government has no idea how to wage cyberwar: Ranum: The US government’s offensive approach to ‘cyberwar’ demonstrates that it doesn’t understand that strategies and tactics used in the physical world simply don’t apply to the online world, according to Tenable Security’s security chief.

For previous years, I compiled lists of my own contributions only: AusCERT 2011, AusCERT 2012.