AusCERT 2012 and the militarisation of cyberspace

AusCERT 2012 logo: click for conference websiteI didn’t make it to information security conference AusCERT 2013 this year. I’m about to read what’s been written and compile a list — but first, a reflection on what happened in 2012.

When I look back two years to what I wrote from AusCERT 2011, I’m reminded that we were just getting our head around the implications of the Stuxnet worm. Not only was malware being written by organised criminals, and we were facing an explosion of anti-banking malware and mobile malware, and looking ahead to when an angry child might deploy malware against their neighbours — we were now made well aware that malware was also being written by nation states with budgets in the millions of dollars and beyond.

But looking through the list (below) for AusCERT 2012, what jumps out is the emphasis on the militarisation of information security, as well as the emphasis in the scale of criminal activities. I won’t expand on that, because the conversation with AusCERT general manager Graham Ingram speaks for itself.

Articles from AusCERT 2012

Podcasts from AusCERT 2012

  • Patch Monday episode 139, “War talk dominates AusCERT 2012”, the first of two episodes based on material recorded at the information security conference. The overall theme is that infosec is becoming militarised. We no longer talk about “information assurance” but “defensive cyber operations”. Click through for the full list of speakers.
  • Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Bonus Extra Video

After the conference, my flight back to Sydney was delayed. With the need to kill some time, this video was the result.

My compilation of reports from AusCERT 2013 will be posted later today. My compilation of reports from AusCERT 2013 is now online.

Weekly Wrap 105: Trains, television and Singapore resolved

My week from Monday 4 to Sunday 10 June 2012 was a week of unexpected events.

I didn’t expect to be in Sydney quite as much as I was, and especially not for the purposes of committing television.

I didn’t expect it to be quite so goddam cold.

And I didn’t expect a few other, personal things that I’m not going to be telling you about.

Podcasts

  • Patch Monday episode 141, “Hosing down the Flame worm hype”, primarily a conversation with Trend Micro senior threat researcher Paul Ferguson.

Articles

Media Appearances

Corporate Largesse

None.

The Week Ahead

While Monday is a public holiday, I’ll be putting together the Patch Monday podcast for the Tuesday. Tuesday itself will be a planning day, in theory.

On Wednesday I’m covering a business briefing at the American Chamber of Commerce in Australia entitled The Internet — a Bigger Economic Boom Than Mining, Really for Technology Spectator and, I suspect, Business Spectator as well.

On Thursday I’m covering the lunch of IBM’s report “A Snapshot of Australia’s Digital Future to 2050” (not yet promoted on the internet) for ZDNet Australia.

And then on Friday I have a story due for CSO Online and then another Patch Monday podcast.

My week is arranged! So what are the odds of it actually going to plan?

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream (or they used to before my phone camera got a bit too scratched up) and via Instagram. The photos also appear on Flickr, where I eventually add geolocation data and tags. Yes, I should probably update this stock paragraph to match the current reality.

[Photo: Sydney CBD viewed from Harris St, Ultimo, on Friday evening. Yes, another Instagram shot taken with my battered phone camera. This situation will change soon.]

Flame gets me talking cyberwar worms on The Project

The Flame worm seems to have captured the imagination of the mainstream media this week — to the point where I ended up talking about it on the Channel TEN program The Project on Tuesday night.

If you’re not up to speed yet, try my day one piece for Crikey then my day two piece for CSO Online — the latter having been written after we’d all calmed down a bit.

As you can see, I’ve uploaded the relevant video clip to YouTube because I can’t seem to get the official embed code from The Project’s website to work properly. If that YouTube embed isn’t working either, you can view the segment on YouTube. Or watch the entire program segment on The Project’s website.

Yes, The Project team really did manage to turn a discussion of cyberwar into a joke about masturbating to internet pornography. It’s a talent.

Continue reading “Flame gets me talking cyberwar worms on The Project”

Talking Stuxnet and Flame worms on ABC Local Radio

The Stuxnet worm that attacked Iran’s uranium enrichment program was indeed launched by the US, according to a major investigative report published by the New York Times shortly before I was due to appear on ABC Local Radio this evening.

So guess what we talked about.

Yes, the Stuxnet worm, as well as the newly-discovered Flame worm that’s been in the news this week — including my Day 1 piece for Crikey and Day 2 for CSO Online.

The host was Dom Knight, and here’s a recording of the whole conversation.

The audio is of course ©2012 Australian Broadcasting Corporation. As usual, I post the material I’m involved with here as an archive and reference.

AusCERT 2012: What’s changed since 2011?

I’m currently on the train down from the Blue Mountains to Sydney, en route to the AusCERT 2012 information security conference on the Gold Coast, and I’m thinking about what stories might emerge.

Here’s what I wrote last year when, just like this year, I was on the ZDNet Australia team:

The feeling I get from scanning those headlines is that there’s always a lot of scaremongering but the threats often don’t materialise. Are the threats over-stated? Does pointing out the threats trigger an effort to counter them, thus defeating them? Is it all just a bit too screechy?

And over the last year there’s been so much talk of imminent cyberwar. Is that just this year’s fashionable scary thing on a stick? I intend to ask a few questions. And I’ll plug it again: Thomas Rid says we shouldn’t believe the hype.

I haven’t yet looked in detail at the conference program but will do so over the next few hours. What do you reckon I should be investigating?

[Update 16 May 2012, 0625 AEST: Changed second paragraph to emphasise that I am covering the event for ZDNet Australia this year as well as last.]

Talking cybersecurity on ABC Radio National Breakfast

Actually, this message about cybersecurity being a serious emerging theme for 2012 seems to be getting more mainstream coverage than I thought it would. I was part of a cybersecurity panel discussion that was broadcast on ABC Radio National’s Breakfast this morning.

Also taking part were Richard Stiennon, chief research analyst at IT-Harvest in Detroit (I spoke with him about Anonymous and Stratfor on this week’s Patch Monday podcast), and Sean Kopelke, director of security and compliance solutions at Symantec Australia. The host was Jonathan Green, who is usually editor of ABC The Drum.

Over at the ABC’s website you can find the program audio and (perhaps, eventually) transcript. But I’m also including the audio below, just in case their systems fail.

This audio is ©2012 Australian Broadcasting Corporation, of course. Even though we don’t get paid.