DeepSec 2019 Talk: “The Daily Malware Grind” – Looking Beyond the Cybers – Tim Berghoff, Hauke Gierow
Given the noise generated around all the “sexy” and no doubt interesting topics like 0days, APT, and nation state-sponsored threat actors, it is easy to miss what is really going on out there, in the world of Joe Average. Actual telemetry data paints a picture that is in many respects different from what happens in a lot of the news coverage. Much of the malware out there, including some that is attributed to some sort of APT, is nowhere near anything that might be considered “sophisticated”. In this talk we will shine a light on different aspects of the realities of home users as well as companies, and offer some interesting data about the malware that actually does the most damage, while precious few get all the press.
We asked Tim and Hauke a few more questions about their talk.
Please tell us the top 5 facts about your talk.
We will take a look at what happens beyond the media frenzy. This should allow us a glimpse into the real daily grind of the malware industry. There will be some over- and maybe rather underwhelming revelations. We will break down some of the internal workings of the malware industry and defuse a couple of myths that are still being propagated in the public.
How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?
Following our talk after DeepSec 2018 “How not to get the Cybers”, we were wondering what we could do to dive deeper into the topic of media coverage versus actual events. In early 2019, we received some new telemetry data about types of malware that were woefully underreported in the public. This gave us the idea of looking into the topic further and continuing last year’s talk by expanding on who is getting all the press compared to what is going on in the background.
Why do you think this is an important topic?
There is a general tendency to always pay attention to “latest and loudest”. While this may be a valid approach in some cases, it tends to distract from the fact that stories go on even after they have faded from mainstream headlines. We want to change this.
Is there something you want everybody to know – some good advice for our readers maybe?
To correct your own misconceptions about users. Some try really hard to install malware.
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?
George Santayana once said “Those who cannot remember the past are doomed to repeat it”. This quote, while close to 60 years old, is now more current than ever, especially in the infosec community. As many tend to focus on what is in front of them – as they should – they easily forget what lies behind them. And more often than not, past news that seemed long forgotten comes back to haunt us.
Tim is a Security Evangelist at G DATA Software AG and frequently speaks about security at conferences and gatherings. He previously consulted companies and the public sector on IT-security questions.
Hauke is a spokesperson for G DATA Software AG. Before, he worked as a journalist with Golem.de as well as Head of Internet Freedom Desk at Reporters Without Borders Germany and a China Think Tank in Berlin.