The AusCERT 2013 security conference, which coincides with the government-sponsored National Cyber Security Awareness Week (NCSAW), dominated the news during the week, and the CSO Australia team was there in full force to hear the latest from industry experts from across Australia around the world. Google kicked off the conference by pushing for greater involvement from security professionals as the national broadband network (NBN) ramps up. HP argued that security professionals need to embrace big-data analysis techniques to improve their security analysis, while one Deakin University researcher told how he’s using cloud-based data analysis to improve recognition of new forms of malware.
There were some big names attending, with University of London senior lecturer Dr Lizzie Coles-Kemp talking about society’s attitudes to security and HD Moore, whose Metasploit Project has scanned every Internet address in the world, shared the very interesting – and rather worrying – results of his efforts. A cybersecurity analyst, with the NATO Cyber Defence Centre of Excellence in Estonia, pointed out that cross-border cybersecurity partnerships won’t necessarily follow established geopolitical alliances.
The head of IT security at Foxtel pushed the importance of executive relationships and managed security services providers in keeping abreast of security developments, while a government-department CIO shared his experiences deploying bring your own device (BYOD) policy in a government department.
A gaggle of security experts offered opinions on the current market, with one Cisco Systems engineer warning IPv6 pervasiveness can present a security risk to companies even if they’re not actively using it, and another suggesting that poor management of privileged logins was an open invitation for advanced persistent threats (APTs).
Another was arguing that the world needs to formalise discussions around ‘hack-back’ rules of engagement (even as a US report pushed for stronger hack-back powers), while another was describing his success retrieving data from Android phones long after it was supposed to have been deleted.
On a similar note, Packetloop was talking about the short half-life of vulnerability data and arguing that data is most useful just after it’s created. Security analyst and author Parmy Olsen argued that the idea of ‘hacktivism’ is past its prime, while a Mozilla software developer argued it was time to kill the password and adopt alternative identity-management projects.
A security researcher was sceptical about the recent surge in claims that cyberespionage was to blame for hack attacks, with naïve users a more likely cause. The Queensland Police were pressing banks to boost the rollout of ATM chip technology to reduce crime-ring attacks, while a scam victim shared the harrowing story of her loss of $300,000 to a convincing Nigerian email scam. And Dell launched its SecureWorks security-services business across Australia New Zealand, adding further expertise to a sector where new experts have been rapidly emerging in recent years.
AusCERT marked 20 years of activity, with its annual conference recognised as a touchstone for the industry and researchers with a diversity of strong opinions. If you’re a fan of photos, the sights of AusCERT are online – day 1, days 2 and 3, and the gala awards night – and all offered their share of interest and excitement as the region’s premier security conference wrapped up.
Although AusCERT 2013 dominated NCSAW festivities, it was also the time for ACMA to revamp a Web site that’s allowing visibility into a database currently being used to inform ISPs of more than 10,000 new malware-infected Australian PCs per day. Worryingly, at least one ISP reports that as much as 80% of its warning notices to users are never actually read.
That’s yet another worrying statistic in an ocean of concerns about the global security posture. Security vendors are clueless when it comes to industrial control systems, reports warn, with the US power grid under continuous cyber-attack.
Brazilian hackers are redirecting visitors to online Bitcoin exchange Mt Gox, sending them to a phishing page even when they enter the correct URL. Law-enforcement targets, the Payza online payment platform, Facebook and several financial institutions were also targeted by online attacks, while cybercrime investigators were connecting the dots and suggesting interesting links between a recent hack into Norwegian telco Telenor and an Indian security firm.
Chinese hackers were also fingered in reports of new cyberespionage attacks, prompting a mixed response from security experts, while Tibetan users were targeted by an unusual piece of malware. Reports of such hacks continue to trickle in from around the world, driving moves such as New Zealand’s entreaty for IT security firms to join a government security-services panel.
Just one in three developers builds applications with security in mind, a Microsoft survey has suggested, prompting many to push for a rethink in application and security design. Even game engines aren’t immune, as some researchers recently found, while Mac OS X got some new additions to the pantheon of spyware for that platform.
One factor in the reinvention of security-focused design will be smartphones, which are playing the major role in two-factor authentication schemes like the one Twitter has adopted to plaudits from experts. Such protection will become even more important as US Department of Defense approval for Apple’s iOS 6 mobile operating system opens the door to greater government use for the platform.
Google will upgrade the security of its SSL certificates by lengthening its encryption keys, and has updated its ‘Penguin’ anti-spam engine. With Google’s Android platform driving the mobile malware threat, however, it’s still a path that requires prudence and caution, even more so because the mobile payments market is being fingered as a driver for financial fraud.
News that Microsoft may be scanning the messages of Skype users would worry some privacy advocates, as would claims – refuted by Microsoft – that 47m Xbox Live accounts have been compromised. And small businesses would have worries of their own with the news that almost half of SMBs have been victims of cybercrime.