Press Release: Attacks On IT Through Desktop And Mobile Devices
DeepSec conference focuses on everyday devices as a risk for corporate IT.
Attacks on the digital infrastructure of companies, authorities and organizations are often staged as a cinema spectacle in the reporting. Unfortunately the opposite is the case. A burglary in digital infrastructure happens without any broken glass or smashed doors. Attackers can only be successful if superficially everything continues as before. They don’t come through the windows or the underground car park, but via everyday applications on the desktop or smartphone. This year’s DeepSec security conference is therefore trying to sharpen the view on everyday life in the office and at the workplace. Two-day training sessions are offered focusing on workplace hazards, as well as two days of lectures to bring you up to speed.
War for the desktop and personal devices
Few burglaries happen directly through the wall. Each building has holes by design that are closed with doors and windows. It is precisely at these points that security measures usually come into play. There are access controls, security glass, reinforced doors, locks and much more to ensure that unauthorized persons do not gain access. For this reason, analogies that have nothing to do with reality are often used when advertising security products. You can’t lock up digital devices if they can communicate with the outside world without restrictions. Besides false reports, unwanted e-mails also contain attachments or hyperlinks that point to external websites. This means that both windows and doors are located directly at the workplace, regardless of whether it is in the company or in the home office via teleworking. In a two-day workshop, the expert Abraham Aranguren shows the properties of well-known applications such as teams, Skype, Slack or similar programs and what significance this can have for security. In fact, modern desktops are very complex constructs made up of a multitude of components in different programming languages. The scope inevitably means that it can hide vulnerabilities that might be exploited. In the workshop, you will learn everything about the technologies, how errors can be exploited and how attacks can be carried out directly on the end device. This knowledge is critical in building an effective defense.
Other workshops deal with the security of apps on Android and Apple iOS systems and the use of Office documents to attack organizations. Smartphones and documents are an integral part of everyday life in work and private life. Attackers can therefore rely on finding these objects in the target environment. Here, too, knowledge of the opponent’s options is essential in order to understand how attacks can be carried out and recognized.
Search for clues
The ultimate goal of all burglars of digital infrastructure is not to be discovered. Of course, the procedure depends on the intention. In ransomware attacks, data on the target object is encrypted and possibly copied. This process is immediately apparent. The same applies to the deletion of data or destruction if, for example, control systems are linked to physical devices. In such scenarios, the intruders will still behave stealthily until the intention can be implemented. Security experts have developed many methods over the past few decades to find signs of compromise. The approaches are multifaceted. Network activity can be used for analysis. Alternatively, you can check the workstation devices or server systems directly and look for traces of manipulation. In his two-day training course, Michael Meixner teaches how to proceed in the network. Among other things, Active Directory configurations and forensic procedures are highlighted in order to extract the information relevant for an investigation.
You can also look for vulnerabilities in the code of applications that can be found before the attackers can use them. If you are using your own developments, you are well advised to test them thoroughly before using them. Especially for companies that supply customers with it, secure coding techniques should be used and IT security standards should be applied. Seth Law and Ken Johnson offer their expertise in a two-day training. The course is intended for both advanced users and developers who are just implementing secure coding techniques. Digital defense must start in the software itself.
Focus on research, incidents and infrastructure
The lectures offer a spectrum of further training and for the analysis of new weak points in known applications. There is also a special focus on the research of the Cyber Security Group of the Caucasus University in Tbilisi. Researchers report results in the area of device tracking in 5G networks, post-quantum cryptography, attacks on wireless input devices and the use of machine learning algorithms in the field of open source intelligence. All topics are described in detail in presentations. Researchers will be available for discussion and questions throughout the conference.
Proper communication in crisis situations will be examined in a separate lecture. Hauke Gierow, a communications specialist with many years of experience, will show you how to communicate correctly in a crisis and pass on factual information. It’s about all levels, not just public information. The knowledge can also be used for internal communication, because hardly any security incident can be cleared up by one person alone.
Another topic is industrial control systems and embedded devices. The specialists from Sematicon will show how control systems can be attacked. Of course, how to reduce the attack surface of these systems and which errors are critical for security will also be discussed. Applications in the measurement and control area are no longer as isolated as in the past because of the progressive networking of company infrastructure. A demonstration during the conference will illustrate this.
Programs and Booking
The DeepSec 2022 conference days are on November 17th and 18th. The DeepSec trainings take place on the two previous days, November 15th and 16th. All training courses (apart from announced exceptions) and lectures are intended as face-to-face events, but can take place partially or completely virtually due to future COVID-19 measures. For registered participants, there will be a stream of the lectures on our internet platform.
The DeepINTEL Security Intelligence Conference takes place on November 16th. Since this is a closed event, we ask that you direct inquiries about the program to our contact addresses. We provide strong end-to-end encryption for communication: https://deepsec.net/contact.html
You can order tickets for the DeepSec conference and the training courses online using the link https://deepsec.net/register.html. Sponsor discount codes are available. If you are interested, please contact deepsec@deepsec.net. Please note that we depend on timely ticket orders to ensure planning security.