Round Tables

At a specialist conference, it is not only the quality of the lecturers that matters; it is also important to exchange experiences with other participants who are in similar positions and deal with similar issues. IT-Defense offers a clear framework for discussing security issues and topics with other participating security experts.

Participants can discuss their own problems and other profound issues in small groups. For this purpose, IT-Defense lecturers serve as moderators; however, it is also possible to form individual groups on specific subjects.

Simultaneous round-table discussions will be available on Friday, January 29, 2016.

Darknet – Volker Kozok

This round table is an updated repeat of the IT-Defense 2015 round table.

In a 45-minute introductory talk, the organization and structure of the darknet will be introduced; taking the example of the Silk Road case, the approach of online criminals and the investigating authorities' work to counteract the new form of cybercrime will be outlined. The speaker will also go into detail regarding Tor technology, crime as a service and the importance of virtual currency, taking Bitcoin as the example.

Following this, the pros and cons of darknet structures and the tension between network freedom and government control will be up for discussion.

The undeclared war: cyber warfare between Russia and the Ukraine – Volker Kozok

A 45-minute introductory talk will, based on open sources, present the Russian cyber warfare strategy and the actions of Ukrainian and Russian hackers in the so-called cyberwar. In addition to classic hacker attacks by the leading hacker groups Cyber Berkut or Inform Napalm, this also includes the use of social media or hacker attacks for propaganda purposes. Taking the example of Crimea, the talk reveals how the communication infrastructure of a country can be brought under control.

Following this, individual experiences and insights may be discussed.

Note: At this presentation, recording, taking pictures or taping, as well as using the contents without the approval of the speaker, are prohibited.

Duplicate keys with molding – Alexandre Triffault

Molding is a centuries-old technique; applied in conjunction with key copying and simple logic, it allows duplicating almost any key, whether flat or dimple, for pin locks or lever locks, with magnets or movable elements.

During this round table session, you will be able to discover most of those techniques, using traditional clay or dual-component silicones, together with low-melting-temperature metals, to make perfect duplicates.

Legal regulations for achieving secure IT infrastructures? IT Security Act, WLAN liability and data retention – Joerg Heidrich

The Federal Government has identified the “Digital Agenda” as one of the most important objectives of the current legislative period. The agenda includes, inter alia, the IT Security Act and the revision of WLAN liability. Data retention must also be seen in this context. The presentation clarifies who is affected by these new regulations (everyone in Germany!) and addresses the question of how useful they are for strengthening IT security and e-commerce.

Adversarial role-playing (How to audit like an attacker) – Jayson E. Street

This round table will be a hands-on exercise in looking at your website/networks from your adversary's viewpoint! We will go over well-known companies’ websites using public (and legal) means, showing how attackers look for weaknesses and information that companies willingly provide them. We will go from Google to their website to social media. You will see firsthand how simple it is to create a thorough attack profile of your target using methods that they could never detect. The second part of this is going to be a Q&A session on what we can do to better protect your company from this kind of recon attack.

BlueToot – When NFC met Bluetooth – Adam Laurie

In the ever-increasing world of Internet of Things, it's only natural that your NFC-enabled phone should want to take control of some of its own features... Why not enable Bluetooth or visit a web page simply by waving it over a contactless tag? What could possibly go wrong?

In this session, we will look at the capabilities of NFC-enabled Android smartphones, and how history is repeating itself as the convergence of new and old technologies raises some old spectres. In particular, I will demonstrate and dissect the Mobile Pwn2Own prize-winning attack in which millions of Android devices were found to be vulnerable to Bluetooth "Forced Pairing".

Further information on the round tables will follow after release by the speakers.