Physical Internet Security: S^4 and Cyberwarfare
Presenter: Matt Ploessel, Cybereason
The cyber world is still rooted in the physical world. In his keynote, Matt Ploessel will explain how that physical world connects the world to us locally, how those communications work, and the threats that infrastructure faces – including squirrels… seriously. Matt will share:
- An overview of the global physical Internet cables/data centers /connectivity and the New England region;
- High level explanation of how communication work over the Internet (follow the bouncing packet);
- The history of how we got to how things are today, building the Internet – interesting, funny, and embarrassing lessons learned;
- The leading threats to the physical Internet (S^4 = Squirrels, Sharks, Ships, Submarines);
- What happens to traffic with an incident/outage occurs (Simple routing [Link State – Distance Vector] overview);
- War and the Internet: What happens, what to expect (China Firewall, DPI, filters, segment isolation):
- Inventions and reality (Best technology has been invented with 1-5 people, a chicken scratch napkin, and long nights)
Introductory Breakout Sessions
The majority of 1NTERRUPT participants are brand new or have had some minor exposure to the concepts behind cybersecurity. Gaining a working knowledge of those concepts of cybersecurity is more straightforward than you may think. Our hands-on, intro-level breakouts have been created for participants with no or some prior knowledge in these key areas. These concepts will be put to use later in the day during the Treasure Hunt.
Intro to Network Security
Breakout leader: Bill Galeckas, Akuity
Just about everything today can be connected to a network. Devices like your computer, your phone, your television, your fridge, your lights, and yes, even your toilet (Why anyone would want to do that, we have no idea.), can be connected to the Internet.
Networked systems and applications make life convenient, yet are often completely insecure. In this session, we’ll cover the basics to get you started on understanding general network and network security concepts, like:
- IP addresses and subnets;
- Ports and protocols;
- The must-have tools of any cybersecurity professional.
Intro to Internet Security
Breakout leader: Joe Scalise, Google
Website servers aren’t the only machines running web services or handling your personal data. More and more applications and devices we use every day like email, file storage, games, even cameras and cars are using web services in the cloud. Many of these services are interconnected to make things more convenient.
Have you ever used an existing social or email account to sign up or log in to another service, for convenience? Maybe you’ve logged into a game, music service, or even a peer-to-peer payment app. Reusing your credentials is certainly convenient but it also increases the exposure and area of attack for your personal data.
This breakout session will cover the basics of secure web development, scripting, and some tools and techniques used to discover vulnerabilities.
Intro to Hardware Hacking
Breakout leader: Jacob Berry, Technocopia/Happy Hacker Society
The maker movement has made it possible for powerful, affordable technology – 3D printing, the Raspberry Pi, Arduino – to get into more hands. It has become so much easier for someone with an idea and some skill to imagine, design, and make their own devices. The Internet of Things adoption owes much to the maker movement. This breakout introduces certain hardware basics like reading a basic wiring diagram to put together simple circuits, and then connecting them up to an Arduino controller to test your work.
Ethics in Cyber Security Roundtable
Discussion leader: Marc Blackmer, Cisco Systems/1NTERRUPT
Believe it or not, the technology is often the easy part of cyber security. The toughest challenges are the judgment calls that need to be made almost every day – judgments that may have personal, legal, or safety implications
In this roundtable session, we’ll introduce a scenario and open the floor for discussion and debate.
Advanced Breakout Sessions
Advanced breakout sessions are intended for participants who have a firm grasp on the intro-level concepts and are looking to further their technical skills. Each session is 55 minutes long and only runs once.
Breakout leader: Vincent Uguccioni, CrowdStrike
This breakout session will walk participants through the mindset of an adversary and how they conduct day-to-day operations. The key focus areas will be:
- Setting up infrastructure for covert communications;
- Establishing a foothold on a target system;
- Conducting red team operations (post-exploitation and privilege escalation).
There will be live demos and hands-on activities throughout the session. Participants will gain hands on experience with Linux, Cobalt Strike, and Windows. Cobalt Strike is a threat emulation framework developed by Raphael Mudge. It is used by both professional red teams and real-world adversaries. All breakout material will be provided to participants via download.
Hands-On Data Analytics for Threat Hunters
Breakout leader: Ayse Kaya Firat, Cisco Cloudlock
Today’s threat hunters are tasked with discovering anomalous and malicious behavior within mountains of data. The bad guys know this, and the skilled ones know how to stay hidden. Artificial intelligence (AI) and machine learning (ML) are powerful tools for threat hunters to cut through through the noise to detect suspicious behavior and find the threats.
This session will get hands-on with:
- A data analysis case study
- An introduction to R programming
- Discussion on apply these techniques to threat hunting
Participants are recommended to have the R console installed prior to the session.
Breakout leader: Dan Thiffault, BookBub/1NTERRUPT
The adult track breakouts will be conducted in a single super session based on the intro-level sessions as described above.