Photos from the frontline: AusCERT 2010
Sophos' Paul Ducklin gave a very popular talk on encryption to a packed audience — but were they there for him or to see if they won the scale model tank he was giving away?
James Turner, security analyst at IBRS, in deep thought.
This is Jason Pearce from M86 Security in his "e-Crime, the Age of Cybergeddon" presentation. He told us that this was his best side in photographs!
We loved this message on one delegate's shirt, which summed up the mood of many IT security professionals.
ZDNet Australia's Ben Grubb interviewing Brian Hay, who heads up the Fraud and Corporate Crime group at the Queensland Police Service.
Patrick Gray, creator of the Risky Business podcast, said this was his eighth AusCERT conference. "You have the same vendors selling the same solutions for the same problems. The solutions and problems have got a little more complicated, but it is the same," he said.
Eugene Kaspersky, founder of the antivirus firm with the same name, painted a very grim picture in his presentation on the future of digital security. He talked about criminals offering other criminals cybercrime products that came with money-back guarantees, technical support and terms of service.
The Blue Room was packed for Eugene's presentation — you can see a very amused James Turner from IBRS in the front row.
Kaspersky said cybercriminals are just like the legitimate software industry except they don't pay taxes and they don't report their financial results. "I call it C2C. B2B is business to business, B2C is business to consumer and C2C is criminal to criminal," he said.
Kaspersky showed a picture of a wrecked BMW, which crashed and killed the driver during an illegal street race in Moscow. He said the driver was 19 and had paid for the car with proceeds from his cybercriminal activities. "Not bad — from both sides. A new BMW 7 Series is good and a dead criminal is good as well."
During his presentation, Eugene decided to preserve the moment and take a picture of his audience.
Marcus Ranum, chief of security for Tenable Network Security, opened day two of the AusCERT 2010 conference with a highly amusing presentation titled "Scenes from the 2010 US/China Cyberwar". Ranum is credited with being one of the first innovators and implementers of commercial firewall technology.
It's fairly easy to wonder, said Ranum, why everyone is complaining about Chinese cyber attacks. "If you look at the vast majority of the commercial hacking activity, it is coming from the US. If you were a rationalist, you would be wondering why isn't the whole world complaining about us [the USA], not the other way around," he told delegates.
Marcus said Americans are the "bad-asses" of cyber warfare because of organisations like the SANS (SysAdmin, Audit, Network, Security) Institute, which teaches people "how to be a cyber-warrior". He also called the DEFCON conference "a combination of performance art plus computer security".
Ranum theorised that after realising that the US has so many companies "devoted to producing cyber-offensive weapons" and was "constantly promoting and training hackers", the Chinese Army commanders recognised "they had a cyber-war gap and started a catch-up program".
Ranum pointed out that in Iran, "when the government stole the election", US officials "were encouraging Twitter to stay online to help ferment rebellion in Iran". The Iranian Government arrested people for distributing US anti-censorship software, which Ranum said was likely Tor, PGP or "something else that came from a US research lab".
The closing keynote at AusCERT 2010 was given by Cisco's VP and chief security officer John Stewart, who unlike the other speakers decided to deliver his entire presentation while walking around among the audience.
According to Cisco, the company's executives prefer to avoid presenting from the stage so they can "make a real connection and establish eye contact with the delegates". Here you can see AusCERT general manager Graham Ingram looking on as Stewart continues his talk.
Stewart said he was impressed with the amount of information sharing — between partners and competitors — in order to collectively fight cybercriminals. He called on chief information security officers not to push back projects, a delay they might later regret. "Don't let this conference in two years be a conference in which we say to ourselves, if we only started something two years ago, we would be better off than we are," he said.
The final part of the AusCERT conference was a panel discussion between many of the speakers at this year's event. The speaker second from the right is not a strange alien being; they requested that their picture not be published, so we have blurred them out.