Program Presentations

Presentations – IT-DEFENSE 2018

Psychometric Computing and the Brighter Future of AI – Vesselin Popov

Click. Tap. Share. Swipe. Every day, each of us leaves behind millions of digital signals that reveal our innermost desires. For the most part, these traces are harmless and are considered part of the natural debris of the internet. However, when it becomes possible to automatically predict our personality or political views using this data, and to use it for profiling or targeting purposes, it becomes a different story.
Some computer models know more about us than our friends and families, and digital footprint prediction – in one form or another – is becoming increasingly prevalent, from marketing and HR to finance and politics. There are also clear opportunities to augment security and law enforcement capabilities, for example through early warning systems, predictive policing or more accurate threat detection. Yet this area is still fraught with legal, ethical and operational challenges that must be debated in greater depth and better informed by multidisciplinary perspectives.
Notably, there remain issues around online profiling, algorithmic bias and interpretability of the black box, whose resolution is fundamental to securing a bright future for artificial intelligence – one from which all citizens can benefit, and where democratic institutions are strengthened rather than undermined. Vesselin will discuss the risks and rewards of technology that can psychometrically assess an individual in milliseconds, and put forward guidelines on how business can safely leverage these methods for innovation and personalisation.

It's Not About the Cloud – Marcus Ranum

Security practitioners have been grappling fairly successfully with the problem of managing cloud systems integrated with private data infrastructures. That has resulted in a lot of complexity and management headaches, but - if you think that was bad - the movement toward application-based management and liquid networking is going to have an ongoing impact that may demolish a lot of security organizations.  In this talk, I will try to predict the forces that are going to move security for the next decade. Hint: it's not what you think.

You won’t be rewarded for beginning but for hanging on – Marc Gassert

What gets a son of German parents with Bavarian roots and blonde hair to devote himself to the Shaolin Monastery, learn martial arts and develop the desire to transfer knowledge from the Far East to the Western world?

Shaolin monks have an almost superhuman strength. They have an incredible body control and hardly feel any pain. Not even physical laws seem to apply to them. Nothing and nobody can offer resistance to their power, their body control and their mental strength. There are no obstacles for a Shaolin. He just clears them. All that matters is the objective. And yet: A company is not a monastery, and its employees are not monks. So what can thousands of years of ancient wisdom of the Shaolin monks accomplish in a company? How can it support people in acting permanently successfully in modern, highly complex daily life?

Marc Gassert will give you the answer in his talk. He explains: The main difference between the Shaolin monks and normal people is discipline.

Whoever has seen and heard Marc Gassert once will remember him as “the blonde Shaolin”, even though he is actually a Bavarian rascal. Truly refreshing with irresistible charm and unmistakably funny.

Attacking SDN infrastructures: Are we ready for the next-generation networking? – Changhoon Yon

Recent technology innovations have dramatically changed today’s network environments. The traffic volume across today’s networks has tremendously risen, and the service providers are striving to deal with frequently changing service demands. Legacy networking infrastructures and technologies, which are no longer suitable nor effective networking solutions, are now reaching their limit, and the industry is eager to adopt the next generation networking technologies, such as software-defined networking (SDN).
SDN, in particular, is already being adopted by many companies at a rapid pace; however, is this technology secure enough to be deployed? In this talk, we will examine the current state of SDN security by analyzing various cutting-edge SDN components available today.

Hacked? Pray that the attacker used PowerShell – Nikhil Mittal

PowerShell is probably the most widely used Windows tool by attackers in recent years. It has been used for client-side attacks, enumeration, privilege escalation, bypassing various defenses, backdoor machines, lateral movement and more. There have been two phases of post exploitation and lateral movement: one before PowerShell and one after it. Does this mean that PowerShell is a tool meant for attackers? Why would Microsoft provide attackers with such a tool?

PowerShell has come a long way when it comes to detecting attacks. For the past couple of years, it has enhanced logging and detection capabilities, which makes it really hard for an attacker to use PowerShell and not leave a trace on a target system. Other scripting options, on Windows or other operating systems, may not provide such capabilities.

In this talk, we discuss PowerShell attacks, their detection, bypasses for the detection and detection of the bypasses. The talk will be full of live demonstrations.

The Next Revolution – Mikko Hypponen

We've lived our lives in the middle of a revolution: the Internet revolution. During our lifetime, all computers started talking to each other over the Internet. Technology around us is changing faster than ever. We've already become dependent on our digital devices, and this is just the beginning. As connected devices open new opportunities for imagination, they also open up new opportunities for online criminals. Where are we today? Where are we going? And how are we ever going to secure ten billion new devices that will be going online over the next decade?

Think and Act Like a Hacker to Protect Your Company’s Assets - Paula Januszkiewicz

Is there a weakness in your IT security system? Wouldn't it be better to find it before an untrusted source or hacker does? Even a small-scale security breach could leave your business in poor condition. Every day, you can apply some basic behaviors to protect your company from being attacked. It is really surprising how often a hacker can use the same paths to enter your system! In the end, information security is not an IT department's problem, it is a business issue! Let’s put you into the hacker's role and perform all the activities they would to better understand the threats.

During this interactive presentation, you will be presented with the following:

  • The tasks performed by hackers or penetration testers in order to check for misconfigurations and vulnerabilities
  • New things that make it hard to expect what part of the operating systems will be hit
  • Ways to search for security-related updates and learn the newest threats to the infrastructure with mitigation methods
  • Facts around management, monitoring and hardening as the most important things right now to perform the right information protection
  • New technologies that are needed to keep up with the evolving insecure world
  • A tip sheet for implementing best practices

Join Paula in the journey to the darker side of IT security, and use this knowledge for making good decisions related to your systems.

The Lightbulb Worm: Where Next? – Colin O’Flynn

Philips Hue is among the most popular smart light systems. Despite the apparent simplicity of these devices, it turns out that they have a variety of interesting attacks possible, including the ability to launch a self-spreading “worm” that goes between connected lights directly (without the need to talk over the Internet or other methods). This talk details both technical details of the attack, along with problems facing IoT products due to this new generation of attacks, and how designers can detect them and make better decisions.

Reverse Engineering x86 Processor Microcode - Benjamin Kollenda & Philipp Koppe

Microcode is an abstraction layer on top of the physical components of a CPU and present in most general-purpose CPUs today. In addition to facilitating complex and vast instruction sets, it also provides an update mechanism that allows CPUs to be patched in-place without requiring any special hardware. While it is well-known that CPUs are regularly updated with this mechanism, very little is known about its inner workings given that microcode and the update mechanism are proprietary and have not been analyzed thoroughly yet.

This talk will start with a (very short) crash course in CPU architecture and where microcode is used in practice. We will then cover our reverse-engineering methods and how we were able to discover the semantics of x86 microcode. We will then demonstrate, also with a live demo, this knowledge with multiple microcode programs that implement both defensive measures and provide an attacker with hard-to-detect backdoors. Lastly, we will discuss security implications and possible countermeasures against this threat.

IT-Security Requirements of the General Data Protection Regulation (GDPR) – Joerg Heidrich

The new European data protection law will enter into force as from May 2018, entailing extensive changes also for those responsible for IT. More than ever, IT security will be a major component of data protection. This results in new requirements, especially regarding the protection of sensitive data but also in terms of documentation and reporting. Along with the technical requirements, potential fines will increase as well; therefore, anyone dealing with IT would be well advised to prepare for the upcoming changes, which this talk will demonstrate.

Swimming IoT: Possibilities to Attack Supertankers or Yachts – Stephan Gerling

Modern ships such as supertankers or luxury yachts are equipped with a great number of modern communication systems. Discovered rather by accident, this has soon become a very interesting topic, the more one deals with the different attack vectors against “swimming IoT”. This talk will show you potential attacks on GPS (Global Positioning System), AIS (Automatic Identification System) and autopilots as well as the dependencies between them. Since modern ships, too, have Internet, attacking possibilities against Internet routers will also be demonstrated. The security flaws detected in a common Internet router for maritime environments will be presented in detail. NMEA, the maritime counterpart to CAN Bus in the automotive industry, is the quasi-standard on modern ships. Attacks on NMEA can be accomplished rather easily, while NMEA to IP/USB gateways are still quite unexplored.

In the next years, we will be reading headlines on security flaws in maritime equipment even more often.