Program Overview

• Case Study on Cyber Incidents in South Korea

  Mr Lee, Suwon (KRCERT/CC)

  This session will give the presentation on the KrCERT and how we resopond to cyber incidents.

  • An introduction of KrCERT
    Briefly introduce the KrCERT and our response systems.
  • Case studies
    Introduce three recent cyber incidents in South Korea.
  • Personal information leakage
  • Freeware update server hacking
  • Anonymous

  February 21, 2016 11:00-11:30

  aucklandtc-20160221-lee_suwon-case_study_on_cyber_incidents_in_south_korea.pdf

  MD5: 916aa3f6a8e1dd67e5b113baac5e9726

  Format: application/pdf

  Last Update: May 11th, 2016

  Size: 3.51 Mb

• DNS Root Zone DNSSEC Operations - the KSK

  Edward Lewis (ICANN)

  ICANN, as the IANA functions operator, is tasked to manage the top-most cryptographic key in the public DNSSEC hierarchy. After 5 years of operation with the original KSK, there is a call to change the key in a non-emergency posture. While preparing for this first-ever change of a static configuration element used by an unknown number of independent and anonymous organizations some details needing to be openly discussed have emerged. In this talk, background on the KSK operations will be followed by a description of such details, with the goal of eliciting feedback from those who will be impacted by the change of the KSK.

  February 21, 2016 09:15-09:45

  aucklandtc-20160221-edward_lewis-dns_root_zone_dnssec_operations.pdf

  MD5: 77673775c12e60c0028541ed43e9559b

  Format: application/pdf

  Last Update: May 11th, 2016

  Size: 1.32 Mb

• Drills among Asia Pacific CERTs

  Geoff Thonon (MOCERT)

  Drills in a CERT makes the team ready for incidents in how they are accepted, handled, resolved and learned from. APCERT drill make 28 teams in Asia Pacific interact to ensure that incidents, and every process that each team have created to accept, handle, and resolve is effective allowing a chance to learn and improve from a simulation than a real life lesson. Find out how APCERT organizes, runs, and rolls out their drill to provide a readiness among teams that share a common goal of making the internet, clean, safe and reliable.

  February 21, 2016 16:30-17:00

• Recent Cyber-Attack Cases in Taiwan

  Henry Yu (TWNCERT)

  This presentation will share recent cyber-attack case studies in Taiwan, what TWNCERT has learned from these cases, and suggestions for dealing with similar cases in the future. The outline of the presentation is listed below:

  1. The cyber threat trends in Taiwan
     Briefly introduce the recent threat cyber trends in Taiwan in this section, mainly APT attacks via vulnerabilities plus phishing mails.
  2. Cyber-attack case studies
     Three APT attack cases will be discussed:
     • Network Equipment Attack
     • AD Golden Ticket Attack
     • Third Party Software Attack For each case we will show how the hacker hacked into the system, and what we can do to prevent it.
  3. Conclusions

  February 21, 2016 14:00-14:45

  aucklandtc-20160221-henry_yu-recent_cyber_attack_cases_in_taiwan.pdf

  MD5: 43402b4219dc826da46ae9bcb3c2ae5a

  Format: application/pdf

  Last Update: May 11th, 2016

  Size: 1.98 Mb

• The Hidden Fortress: Defending large networks and complex organisations with agile security

  Dr Hinne Hettema (University of Auckland)

  A University network is a unique entity with difficult security parameters that need to balance academic freedom, intellectual property protection and normal business operations. As in any environment, breaches occur as a result of unique organisational failure modes, which are often better understood by attackers than by defenders. To complicate matters, security operations are a somewhat special branch of IT which is sometimes poorly understood by the rest of the IT environment and the wider organisation.

  To even the scale, understanding your attacker and their objectives is key to a robust cyber security practice. In this talk, I will focus on designing and structuring security operations that take an understanding of the goals and objectives of an attacker as their starting point. True to the nature of an academic environment, such operations need to be light touch, robust and cost-effective. I will discuss some of the regular incidents in our environment and how we have designed controls. In particular, at the University we have developed a number of ‘predictive controls’ that have proven successful in detecting and deterring compromises of University data. I also discuss the sort of security skills and security operations that are required to implement and maximise the usefulness of predictive controls.

  February 21, 2016 11:30-12:15

  aucklandtc-20160221-hinne_hettema-hidden_fortress.pdf

  MD5: 6f58445f949677b5aa11a5e23982e92f

  Format: application/pdf

  Last Update: May 11th, 2016

  Size: 3.44 Mb

• Update on Global Efforts to fight Cyber Crime

  Foy Shiver (APWG)

  February 21, 2016 14:45-15:30

  aucklandtc-20160221-foy_shiver-update_on_global_efforts_to_fight_cyber_crime.pdf

  MD5: 8431a5192f32c70611a26cc7302d7033

  Format: application/pdf

  Last Update: May 11th, 2016

  Size: 3.17 Mb

• Auckland 2016 FIRST TC
  • Program Overview