Last week, OpenDNS Labs had the good fortune to attend and present at the QuBit Conference in Prague, CZ. It was held in the beautiful Grandior Hotel, just minutes from Pragues downtown center.
Josh Pyorre from OpenDNS spoke on increasing efficiency in security operations and incident response through the use of automation and other techniques. It’s an evolving and ever-changing conversation, so try to see it if you ever have the chance!
The topics were interesting and diverse, but with two tracks and only one of us, we regrettably couldn’t catch them all.
Here are some of the highlights of presentations we could attend:
Michael Goedeker, CEO of Hakdefnet Cyber Security delivered the opening keynote: ‘A tale of two cities: Firesale and the evolution of Cyber Espionage’
His presentation took us through the evolution of commodity malware, from simple infections to its use in targeted attacks and the various analysis techniques that have adapted throughout that evolution.
Peter Allor, Senior Security Strategist for Cyber Incident and Vulnerability Handling at IBM presented: ‘Securing your company for Todays Cyberwar’.
He discussed the trends in attacks and company breaches occurring in 2015 and strategies to employ when defending against new attacks.
Aamir Lakhani, an independent security strategist presented: ‘The Dark side of the Internet Force’.
He provided examples of content that can be found within ghost markets, the sites used to buy and sell drugs, hacking for hire and other illegal items and activities in the dark web. These markets work on reputation, like most community-driven marketplaces. As a researcher, he’s a known entity on those sites and can converse honestly with sellers and buyers about his position and research. This position grants him better access to the inner workings of some transactions than other researchers.
He demonstrated how easy it is to purchase compromised PayPal accounts, ATM skimming hardware and software, and even very realistic counterfeit currency, which passed for real currency when tested at banks.
Justin Harvey, CTO of Fidelis Cybersecurity presented: ‘Best Practices for Proactive Hunting’.
He suggested some ideas for quicker remediation of compromises in a SOC environment. His ideas on automation in incident response were highly valuable and informative.
Tomas Rosa presented: ‘GPS Hacking -From Beautiful Equations to Serious Threats’. He demonstrated some cool GPS tricks and touched on software defined radio. His research used easy to manage software and hardware to do some pretty cool things that we probably can’t attempt in the US without upsetting the FCC.
Jan Kolouch and Ales Padrta, both from CESNET in the Czech Republic presented: ‘Phishing and Ransomware in the Czech Republic (2012-2015)’. They led the audience through the changing face of Ransomware as seen in various legal cases, from Fake Anti-Virus pop-ups to current threats such as Locky and SamSam. They discussed their analysis of phishing emails, drive-by downloads and the notices that victims received as each variant changed.
Raoul Chiesa: President of Security Brokers presented: ‘(Digital) Democracy and massive-control in the post-Snowden age’
His talk analyzed the concepts of data breaches and violations of privacy after the NSA leaks, along with recent incidents in Kiev and Caracas. He also included a focus on democracy and large-scale information control in the 21st Century.
In addition to the great speaker content and clean organization of the conference, Microsoft sponsored a speakers dinner on the first evening where we could talk over the sounds of local music while passing around plates of goulash and other eastern European specialties.
The organizers of QuBit created a very professional and comfortable atmosphere with high profile speakers who delivered practical and helpful advice. The conference was busy, but felt intimate, allowing participants to find value in the time they took to attend.