Infosec Europe 2018, day 1
Infosec Europe is a big vendor based show hosted in London. It features talks, demos, workshops and panel events so can be quite eye opening. It's also an event I've been trying to attend for the last five years. I've managed to get along to it this year so I'm very much hoping there'll be some good talks, that and I can catch up with some vendors.
I last went to Infosec Europe well over 5 years ago, I think I must have been working for the school. Last time there were some interesting talks, a handful of freebies and a stand advertising a product using women dressed in fish net stockings and basques. I have no idea what their product was, or even who the company was, I just remember thinking I wasn't interested in their product if they had to attract customers in that way.
Since then there's been an increase in women in IT and information security. I'm very much hoping there's a representation of women from the industry, as IT shouldn't be male dominated, and a lack of scantily clad women. I started this post on the way in so we'll see how the day goes...
Well it's certainly busy! The background noise level is quite high but it's surpassing how quickly you tune that out. My first observation is that although the event is still male dominated, the ratio is becoming more balanced. Interestingly though, the geek street presentation by @jameslyne had only one woman at it that I spotted, perhaps men are more happily associated with the term geek.
I've planned to attend a few talks and catch up with a few vendors and James Lyne's aforementioned talk was quite ambitious, very certainly brave. His whole talk was conducted without slides - just one, long, live demo. James showed how to use a fuzzer, AFL, to detect a likely problem in an open source tool. This he could then exploit to perform a buffer overrun attack. He actually exoloited a different tool altogether for the second part of his demo, but the point was made and I've got a better understanding of fuzzers now. You learn something new every day.
Another demo showed a few method an attacker might use to gain access to your network and that's when I met another new term: mousejacking. Mousejacking is a process where an attacker sends instructions to a device via a wireless mouse (or keyboard) transciever. Apparently there have been cases in the USA where drones have been used to hover the necessary equipment near the target organisation, perhaps we'll see that soon too. In my experience wireless peripherals are only purchased for managers (or senior managers) and above so the data and access an attacker may gain is quite concerning.
Next I attended a keynote stage panel session entitled Patch or Perish which was a fairly informative talk, albeit one of the panelists seemed new to either the field or presenting. My biggest takeaway (amusingly from Dominos pizza):
Another key point from @paulwattsUK: don't punish staff for falling a phishing test. Secuity teams need to be approachable - don't make your users terrified to approach you.
— Jonathan Haddock (@joncojonathan) June 5, 2018
(Obviously that should have been failing and security. One day Twitter might get an edit function and phones won't auto-corrupt!)
I've seen people get shouted at for falling for a phish (not even a test, a live one) and I've also seen colleagues shout at the victim for doing so. At the end of the day, it doesn't matter how well trained you are, if something looks legit someone will fall for it. We just have to support the victim after the fact (possibly more training, but not shouting).
Swag
As always, no show like this would be complete without a haul of swag. So far I've got some Sophos socks (pictued - remeber Clippy?), numerous pens, a light up bouncy ball, pair of flip flops and an LED fan. Oh, the peeps at Watchguard were issuing copies of a cybersecurity top trumps too which looks cool. More swag to come I'm sure.
Sadly - a theft
Got back to the train station to find my bike of nearing 10 years, if not more, had been stolen. Bit of a pain, and a rubbish end to an otherwise good day :( .
More Infosec tomorrow!