Press Release: Spy Tools must not become Standard Software

Sanna/ August 3, 2022/ Press

DeepSec security conference warns of the growing market for spy tools.

Information technology has gained a new acronym: Private-Sector Offensive Actor (PSOA). PSOA means, roughly, an offensive adversary from the private sector. A specific PSOA case has also reached Austria because of research by Microsoft®. An Austrian company is accused of being involved in digital attacks on Microsoft® customers in Europe and Central America. The case illustrates that spyware continues to be developed and used, and that it remains a dangerous threat to information security. The DeepSec security conference, which takes place in November, repeatedly warns against such technology and will deal specifically with the details of industrial espionage.

Threatening security as a business model

Bypassing security measures is a lucrative business model. Companies are active in this field all over the world. Some buy knowledge of security gaps for a lot of money and use it to attack digital infrastructure. This approach is controversial. Leading security experts categorically reject this way of dealing with threats. No one would keep serial defects in vehicles, medicines or other goods secret in order to trade with this knowledge. In information technology, however, this is a way to make good money. Besides economic success, another structural problem stands in the way of ostracizing this practice. In politics, the misconception persists that there are good and bad security gaps. The EU Commission’s push to introduce backdoors in all news broadcasting programs is a good example. However, this misconception has been refuted for decades. In particular, the use of such spy software for surveillance was ruthlessly dismantled in 2011. The Chaos Computer Club successfully analyzed malware used by the authorities. The findings were set out by journalist Frank Schirrmacher in a 2011 article entitled "Code is Law". Breaking into and manipulating computer systems cannot be rewarded if one seriously wants to advance the digitization of a state and a society.

Another side effect is that companies that make spy software like to hide behind the terms security and information analysis. There are even international security conferences that embody the opposite in substance. Positive terms are deliberately used in order not to attract attention.

Surveillance and industrial espionage are siblings

From a purely technical point of view, accessing data is always the same operation. The context alone determines whether this takes place as part of an attack or a normal operation. Because of this, certain applications are natural targets for attackers. Common data formats or fake websites that invite cooperation through interaction are especially suitable. Programs designed to protect against such attacks play an important role. Antivirus filters must have access to all data, including sensitive data, because they have to check it. This also explains the warning issued months ago about certain products for geopolitical reasons. Errors in these filters are therefore particularly critical, and such errors are reported again and again, even in well-known and widely used products.

Monitoring software is in the same position as malware filters. Access to the data to be monitored is a basic requirement. This is where the problem lies. Security experts criticize the fact that this access can be misused for other purposes. No matter how much work you put into advertising these interfaces or applications, from the point of view of information security, such methods remain predetermined breaking points that can threaten an entire economy. Secure communication is required at all levels of society. Critical infrastructure is highly worthy of protection and has its own regulations. Communication can also be critical, but should be monitored across the board. As a result, companies are automatically targeted by industrial espionage, which will become an integral part of current threats now and in the future. Companies that produce tools to undermine information security therefore threaten their own country’s economy. Added to this damage are the inevitable consequences for civil society.

Digital Defence Forum

This year’s DeepSec and DeepINTEL security conferences in November will explore threats including government-sponsored malware. Securing digital assets remains the top priority for governments and businesses. With several two-day workshops and a full program of lectures, defenders should be optimally prepared. Many security experts from all over the world have been invited. The topics covered range from the design of a secure infrastructure, testing of applications at all levels, elucidation of the capabilities of the other party, to the anatomy of solved attacks. Specifically, it is about the properties of the malware used by certain groups and their methods. The presented pool of knowledge is essential to improve the protection of one’s own digital infrastructure.

Industrial espionage is dealt with in all its individual aspects, as the attacks exploit multiple disciplines, such as social engineering, technical vulnerabilities, and weaknesses in the infrastructure. In addition, there will be a focus on software and hardware for industrial control. Industry 4.0 and the wide world of the Internet of Things (IoT) are closely linked to secure software development. There will be showcases of secure products during the DeepSec conference. You can also talk to developers to discuss the structure of existing applications and how to protect software. Details of the program will be published in the course of the coming weeks.

Programs and booking

The DeepSec 2022 conference days are on November 17th and 18th. The DeepSec trainings take place on the two previous days, November 15th and 16th. All training courses (with a few exceptions) and lectures are intended as face-to-face events, but can take place partially or completely virtually because of health protection measures. For registered participants, there will be a stream of the lectures on our internet platform.

The DeepINTEL Security Intelligence Conference takes place on November 16th. Since this is a closed event, we ask that you direct inquiries about the program to our contact addresses. We provide strong end-to-end encryption for communication: https://deepsec.net/contact.html

You can order tickets for the DeepSec conference and the training courses online using the link https://deepsec.net/register.html. Sponsor discount codes are available to you. If you are interested, please contact deepsec@deepsec.net. Please note that we depend on timely ticket orders to ensure planning security.
