The Enemy Within: Industrial Espionage and Your Network at DeepSec 2015

Sanna/ September 3, 2015/ Conference, High Entropy, Security

Networking is vital to aquire jobs in the business world, manage projects, and develop products. It all started with the World Wide Web, now we also interact via various clouds and social media platforms with our staff, clients, and customers. Data gets outsourced to third parties, and business letters are airily send by Instant Messenger (due to the lack of messenger ravens, sadly).
But the thoughtless embrace of networks invites threats, previously known only from the silver screen – spies. And, unfortunately, in today’s digital environment, it is no longer enough to just close the door to protect yourself from prying eyes. There is much more to be considered.

We’re here to help. DeepSec does not want to leave your company out in the cold: Attend our next conference which takes place in Vienna on 17 to 20 November 2015 at the Imperial Riding School Renaissance Vienna Hotel!

Ever year at DeepSec information security experts will advice and support you with spot-on talks and trainings.

You learn about the dangers of the World Wide Web:
Every networked website may allow interaction with your internal systems (remember, one is enough). A single wrong click can have disastrous consequences. The fancy technological gadgets you use offer no protection. Attacks through seemingly innocuous documents are commonplace, even the mere displaying of data can be dangerous. The Stagefright vulnerability for Multimedia Messaging Service (MMS) on Android smartphones, the error in the PDF viewer of Mozilla Firefox, the gap in Microsoft OpenType Font format or the message, which causes Apple iPhones to freeze… attacks work in various different systems. We show you what to look for – and what to avoid.

Get to know your enemy:
Good defence also includes exercises, and security testing from the perspective of the adversary. Our trainers show you how to perform these tasks properly and how far one can get by controlled burglaries. Spying is about taking advantage of all resources: such as drones, smuggled smartphones, faking identities, or copied authentication data. “From the outset on one must learn to think creatively. Contemporary attacks take unusual paths that you can only detect thinking out of the box”, says Michael Kafka, organiser of DeepSec.

And you learn to protect yourself properly:
Take the IPv6 Workshop for example. IPv6 is now part of any corporate network automatically, whether you like it or not. So it is high time to configure it properly and manage it securely. We also offer a Web Application Security Training, which shows you what can go wrong: Using prominent examples of Google, Yahoo! or Mozilla Web Apps. Another lecture covers attacks on cryptography and gives you an overview how to use encryption properly. We especially recommend this training to everybody, who works in penetration testing. We have an additional training course showing developers how to harden their web applications.
But spies also employ seemingly old-fashioned methods from way back: We’re talking about human interaction, of course. They use the phone, social media or trying to deceive people by simply presenting themselves wearing appropriate clothes to get access to internal company secrets.
Camouflage & Deceit: Exploiting everyday communication through social engineering is the norm. There, too, you must take action to defend your company. We offer you a remedy: Our social engineering workshop.

Every company has its secrets. They belong to the base of each business. In times where entrepreneurs  can’t expect help from the government when it comes to their digital protection, you should ready yourself to face the problem. Bring your own IT team up to date – visit this year DeepSec 2015 conference. The full schedule can be found, well, on the schedule web page.

DeepSec 2015
17 to 20 November
The Imperial Riding School Renaissance Vienna Hotel
Ungargasse 60
1030 Vienna
Austria.