Podcasts

The following is a recording of Marcus Ranum's AusCERT keynote speech on CYBER WAR. Marcus was doing the circuit a few years ago with a talk titled "Cyber war is bullshit", which I think makes clear his position, but this one is titled Never Fight a Land War in Cyberspace. He basically argues that the application of traditional military thinking to the cyber domain is flawed. He also argues there's a massive money and power grab taking place as the military and the private sector defence base tries to set the agenda so it can profit from it. It's a really worthwhile talk, and delivered with typical MjR flair. Enjoy.

In this sponsor interview with chat with Paul Ducklin of Sophos, and the topic is reflections -- 30 years on -- on the paper Reflections on Trusting Trust by Ken Thompson. So we're reflecting on reflections on trusting trust.

I started off by asking Paul to recap the paper for people who aren't familiar with it.

You're about to hear Parmy Olson's presentation from AusCERT's 2013 conference. Parmy is a journalist for Forbes, but she's also an author -- she wrote We Are Anonymous, Inside the Hacker world of LulzSec, Anonymous and the Global Cyber Insurgency. She got amazing access to the LulzSec crew and the book is well worth reading.

In this presentation she looks at why these young men got involved in such risky activity. What drove them, and what does the future of Anonymous look like?

Active defence is the new black. It's the issue of 2013. One of the organisations that helped put the issue on to the agenda is CrowdStrike, a business founded by some senior ex technologists from McAfee. CrowdStrike was founded on the premise that simply relying on defensive measures in information security isn't enough -- you need to be able to mess with your adversaries.

One of CrowdStrike's founders was Dmitri Alperovitch. He was at AusCERT and used his speaking slot to basically deliver the thinking behind CrowdStrike's pitch. It's nothing earth shattering, but it's a really well packaged speech that presents a cogent argument for the concept of active defence. So here it is, Dmitri Alperovitch's AusCERT talk titled Offence as the Best Defence.

In this sponsor interview we're chatting with Declan Ingram of Datacom TSS.

Datacom TSS is a Canberra-based, national security firm founded by ex Australian government security specialists. These guys specialise in dealing with highly skilled adversaries... Now, when they founded this business a few years ago, there was awareness in government that highly skilled adversaries were a real challenge... but it's really been 2013 where executives at the boardroom level have sat up and taken note of security issues, particularly the issue of APT.

They've realised it isn't just the Google's of the world who are being attacked by state sponsored adversaries -- Oil companies, broadcasters and insurance companies have been absolutely nailed by teams working for the governments of North Korea and Iran, for example.

Furthermore, Mandiant's APT1 report really put the issue on the map for a lot of people who previously just weren't aware of the issues. It's that whole chicken versus egg thing -- are people becoming aware of it because of the media attention or is the media reporting on it because people are becoming aware?

So how has this affected things for a business like Datacom TSS? Declan Ingram joined me to discuss. I started off by asking him how perceptions of sophisticated threats have changed over the last couple of years.

The following is a recording of the traditional closing event of the AusCERT event -- the speed debate. It's hosted by Australian television and radio presenter Adam Spencer, and it's a bit of light fun to end the whole thing on... debaters include Eugene Kaspersky, Bill Caelli, Charlie Miller, Scott McIntyre and more. I'll drop you in here as Adam sets the whole thing up. Enjoy.

Some time ago security researcher Charlie Miller published some research that showed he could take over NFC-equipped phones just by holding them near a malicious RFID sticker. This talk takes you through his research process -- how he fuzzed devices, what he found\u2026 and how he came to realise that attacking the higher level functions of NFC functionality turned out to be the shortest path to victory.

Datacom TSS is a Canberra-based, national security firm founded by ex Australian government security specialists. These guys specialise in dealing with highly skilled adversaries. One of their services is running some pretty intense Red Team exercises.

The team at Datacom TSS recnetly ported its Red Team Trojan over to the Android platform, and it's surprisingly easy to trick people into installing it. You just email it to them and ask them to install the APK package.

And what you get once you're on someone's phone is quite awesome. Not only can you turn on the microphone and snoop on boardroom conversations, but you can use the 3G or LTE connection on the device to do your exfiltration. That way you're completely bypassing the heavily watched gateway. You can also use it to bypass SMS-based authentication.

Mark Brand is the Datacom TSS guy who did the Android port. He joined me by phone to tell us all about it.

The following is a recording of David Jorm's AusCERT presentation. You might have heard Dave preview his talk on last week's episode of the regular Risky Business podcast.

Dave, who works as a security response engineer for a vendor, studies geography and mathematics at the University of Queensland and recently completed a study on long-term remote-sensing analysis of North Korea. In his talk he looks at an OSINT analysis of North Korea\u2026 he talks about the work he did as well as looking at what other North Korea watchers are up to. There's some really cool stuff in there about Red Star Linux, too -- it's a North Korean Linux distribution that's surprisingly polished.

So here he is -- it's Dave Jorm's AusCERT talk. Enjoy.

This is a recording of Mark Fabro's day two keynote speech from AusCERT. Mark is a control systems security expert and a terrific speaker. He's the president and chief security scientist for Lofty Perch, a control system security consultancy. He's extremely well plugged in to the SCADA security scene, he's done a bunch of strategy consulting to the US government. Basically Mark is Mr. SCADA. It's his thing.

In this talk Mark argues that we're focussing on the wrong stuff when it comes to SCADA security. He gives us an experts view on the conversation we should be having if we actually want to fix things. Here's Mark Fabro, I hope you enjoy it.