Cyber Defence Exercise Locked Shields, organised by the NATO Cooperative Cyber Defence Centre of Excellence, took place in March 2012. It had a game-based approach, which means that no real organisations played their actual role and the scenario was fictional. The defenders (Blue Teams) had to protect a partially pre-built environment simulating the network of a small telecommunications company. The attacker's (Red Team) objective was to provide equally balanced attacks against all the Blue Team networks. The Blue Teams were from Switzerland, Germany, Spain, Finland, Italy, NATO (NCIRC), Slovakia, there were also combined teams from Germany-Austria and Denmark-Norway. The core of the Red Team composed of specialists and volunteers from Finland and Estonia, with additional contributors from Germany, Latvia and NCIRC.
Cyber Defence Exercise Locked Shields, organised by the NATO Cooperative Cyber Defence Centre of Excellence, took place in March 2012. It had a game-based approach, which means that no real organisations played their actual role and the scenario was fictional. The defenders (Blue Teams) had to protect a partially pre-built environment simulating the network of a small telecommunications company. The attacker's (Red Team) objective was to provide equally balanced attacks against all the Blue Team networks. The Blue Teams were from Switzerland, Germany, Spain, Finland, Italy, NATO (NCIRC), Slovakia, there were also combined teams from Germany-Austria and Denmark-Norway. The core of the Red Team composed of specialists and volunteers from Finland and Estonia, with additional contributors from Germany, Latvia and NCIRC.
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung) held this talk about Cyber Defence Strategy at the DeepSec 2011 security conference:
"Cyberwar and Cybercrime are currently heavily discussed topics even in the mainstream media. IT, and therefor IT security, spread almost everywhere, from automobiles to home automation, from main battle tanks to nuclear power plants and from desktop PCs to smart phones. This raises several security problems in different technical and non-technical domains.
I try to develop an international strategy for IT security, which shall give some answers regarding technical, psychological/social and political security problems. It will also outline some questions which have to be answered by security research in the near future. Those questions include Cyber Law and Cyber Law Enforcement, Security Awareness, Teaching Security, Operating Systems Security and Product Liability for Software Developers."
Morgan Marquis-Boire describes the talk he held at the DeepSec 2011 conference with the following words:
"Three years ago, I gave a talk at DeepSec called Fear, Uncertainty and the Digital Armageddon on the subject of critical infrastructure compromise. At the time, there was significant worry about the danger that digital sabotage posed to the systems that run our everyday lives. It appears that our threat landscape has changed considerably since then and that the Internet (and by proxy the world?) is a significantly more dangerous place. Cyberwar, Stuxnet, and APT have become common industry buzzwords. Malware has become prevalent on platforms other than windows, and it seems like every month or so another security company suffers a high profile compromise or data leak. Are we really hurtling towards the Infocalypse? An age where the Internet is mainly a conduit for espionage and organised crime? Or is this simply hype in a industry obsessed with $$$$??? This talk will examine aspects…
What do real modern terrorists do with encryption tools? Do they use them? Do they know how to communicate securely?
The spectre of international terrorism networks hiding behind “unbreakable” crypto communications was the war cry for security agencies lobbying for “key escrow” and inherently insecure encryption during the “Crypto Wars” of the 1990s. The agencies lost their campaign. Key escrow proposals hit the trash.
After 9/11, the zeitgeist changed. New laws compelling targets to hand over crypto keys were introduced globally. Were they needed? Do the laws work? Can they work?
The reality of terrorists’ communications and crypto is mundane, repeating classic centuries old errors – such as the wannabee airline bomber who told Al Qaeda’s new chief to reject AES and use insecure homebrew methods instead. (He was arrested within the week.)
Many exotic claims about terrorist encryption have been shown to be fantasy, and their competence exaggerated.
This talk was held as keynote by…
Just think about it… What if you were trapped under something heavy and the mouse was out of your reach? Scary, right? That's exactly why we have these keyboard shortcuts so you can still use Vimeo until the help arrives.
