Welcome to MediaNama’s Live Blog from Nullcon 2019. Please note that quotes may be paraphrased for brevity and speed.

Adam Laurie “old school hacker” delivers the keynote address
In the session “Cybersecurity and Privacy from the Global Lens”, EFF’s Eva Galperin touched on why security is essential for journalists and activists.
(paraphrase) Eva Galperin: journalists, activists are vulnerable because they piss off people in power. They need to be protected. #nullcon
— June Bug (@thejunebug) March 1, 2019
Galperin: govts have trade crafts and systems for their security work. Journalists and activists don’t. Neither do lawyers. That makes them easy to own. #nullcon
— June Bug (@thejunebug) March 1, 2019
Galperin: once you own a phone, there’s many things you can exfiltrate. #security #privacy #nullcon
— June Bug (@thejunebug) March 1, 2019
Galperin: Facebook and WhatsApp used as targets to send phishing messages. They’d go to the watering hole server.. sites that looked like the original. #nullcon #privacy #security pic.twitter.com/33upUyHRAI
— June Bug (@thejunebug) March 1, 2019
Galperin: cyber warfare is getting cheaper, mobile as a primary attack vector… #nullcon #security #privacy pic.twitter.com/aSEVmtK5bt
— June Bug (@thejunebug) March 1, 2019
Galperin: journos and activists don’t buy expensive reports (put out by security researchers) – these reports are for the public good, they need to be made public. Speak up when you see abuse of journos and activists because no one else is going to do it.. #nullcon
— June Bug (@thejunebug) March 1, 2019
*
Onto the session “Breached? – Here is how I responded!” – multiple speakers and one moderator. Each point in a bullet.
- Moderator: Breaches can happen to anyone…how do we take care of it?
- Person 1 (Reliance Jio): There are 3 different containers in a breach: ID and have a critical asset ranking, build your vulnerability assessment of your crown jewels and it has to be live.. the second is your detection controls, how effective are your tools and analyst skills? When these 2 containers don’t work effectively, the third container is the breach… if you detect your breach, you are prepared for it.. but once you’re alerted, there has to be a rehearsal of what you’re going to do once the breach happens. Business, customers and regulators are involved so the response has to take into account all these stakeholders…
- You need to ID different breach scenarios, their severity etc
- Media and legal teams have to work together
- Person 2 (Visa): Lightning speed required to detect, respond and contain that issue…
- We’ve to be careful of external traffic.
- Person 3 (Rediff): Your response to the breach needs to start before the breach… 90% of breach incidents happen on email.
- Person 4 (NCIIPC): Different players working together is useful.
*
3PM: Session: “Clear and Present Danger: Cyber Wars will Target Critical Infrastructure”
Each point made by an individual.
- Threat perspectives have changed. With the advent of cloud and IOT, enterprise needs a huge amount of data… And it also has to be safe and secure.
- IT Security was a big challenge in the late 90s and early 2000s. You were asked “why do I need a firewall?”. What (perception) it was then Vs now is similar… You have scripts available these days and see if they work.. geopolitical factors are also at play…
- We don’t own more than 1-2% of the technology we use.. by default these systems are not secure from a security perspective. The OEMs themselves don’t have any control.. they have potential for vulnerability.. there are a multitude of threats.. vulnerabilities and risks.. the threat is real, it exists.. and we have to protect ourselves.
