Here are my notes from the second day of the Hacker Halted conference.

Inside the Storm

Virtual Worlds – A Wild Frontier Or New World Order?

  • NDU IRMC – Information Resources Management College
  • Virtual worlds provide an easy environment for users to get profiled
  • Many new virtual environments are being created
    • Some for adults, some for kids, some for learning, some for therapy, etc.
  • Concerns
    • OSINT
    • OPSEC
    • Identity theft
    • Malware
  • Lots of R&D money is being poured into these environments
    • If the company goes under, so does all that money
  • NOAA has a neat weather map in Second Life
  • World of Warcraft
    • Patch 2.3 – Every 15 seconds the Warden program will take a snapshot of running programs (PID, file handle, etc.) to ensure no cheating applications are in use.
    • 10 million users online. Can get access to lots of machines if there is a server hack.
  • Griefing
  • Easy to clone environments in virtual worlds
    • Who are you really talking to? The real person or an impersonator?
  • Second Life data breach of 2006
    • Company didn’t care because users signed an agreement that stated they weren’t responsible for securing the data??

Cyber Attacks – Prevention, Detection & Response

  • Always update your security policies
  • Malware exploits are intelligence preparation of the battlefield
  • We must understand the threat and not be complacent
  • Attack platforms are changing
    • Malicious ads were placed on a local radio station, lots of machines got infected
  • The information you put online can end up hurting you
    • A project page was used to identify team members, and a targeted attack was carried out against this group
  • The bad guys are testing us and our defenses
  • There isn’t enough information sharing
  • Need to get back to the Orange Book
    • Specify the level of security before you purchase hardware / software
  • Tower of Secrets – Book on Russian espionage

Infect Me Baby One More Time – The Ease of Malware Infection

  • Storm owners getting arrogant – they now have a Storm codec
  • 20,000 new malware samples a day
  • One new infected page found every five seconds – four out of five are compromised