International Cooperation on Cybersecurity explored at ZeroDay Con in Dublin, Ireland
The ZeroDay conference at Dublin’s Convention Centre on March 9th of this year was well attended by highly qualified cybersecurity professionals from many industries both in the public and private sectors. My coverage of the conference started at its usual place, which was at the coffee stand in the expo area. With my morning coffee, I made my way around an impressive array of exhibitors.
I got chatting with Lee Beard, Client Director from Blackberry Cylance, who brought me through his product noting its rich data repository for threat intelligence is over 15 years old. I walked around the expo area and talked to Rob from Smarttech247. Rob brought me through his Security Operations Centre (SOC) offering. Their commitment to their support of their customer’s digital resources and security posture came across strongly during our chat.
ZeroDay
The next stop was the identity management company Thales. The folks there chatted to me about their encryption and identity management service for access control to your data. Other familiar names like Keeper and Sentinal One were exhibiting to other attendees so I moved on to my next stop of the day, which was an interview with the FBI’s Eric Smithmier, Assistant Legal Attache to the US Embassy in London.
Eric was passionate about how the FBI’s public-private partnership approach to cyber security is producing dramatic results in the prevention and early response to cyber attacks at an international level. One such example cited by Eric was the Irish Gardai who alerted his office to an active ransomware attack in progress on a hospital in the state of Nebraska, USA.
The pre-existing network of FBI contacts saw the details of this alert reaching the hospital in just one hour with the critical information needed to respond to the threat. I asked Eric about the best advice businesses with a digital presence could take away about their security posture. Eric’s advice is very pragmatic. When approaching cyber security, businesses should start at the top by redefining the meaning of cyber security for their business.
Security is too often measured in recovery costs only. It should be redefined as protection for digital products as a whole. Whilst an attack may cost a direct amount of money paid out in the case of ransomware, the downtime can be more damaging in terms of revenue lost, digital brand damage and the erosion of marketplace trust in the reputation of the business.
Our chat finished with a final question about the geo-political movements since 2014 by Russia along with ransomware for profit being replaced by something else as the number one objective of the cybercriminal world. Eric’s view is that whilst ransomware won’t be going away soon, the new threat to western nations in particular is critical infrastructure attacks with a view to disrupting and causing physical harm.
My next stop was an interesting case study presentation by Edward Skraba of Smarttech247. He outlined some interesting cyber attack case studies and the learned lessons from those attacks. Asset inventory, unencrypted data that is sensitive, signature-based object solutions and password policies all featured strongly in learned lessons and can in my view be considered key points in any business evaluation of its cyber security posture.
After a lunch that can only be described as exotic, I stopped off at a talk by Eric Smithmier and Jensen Penalosa of the FBI. The topic was international cooperation in cyber investigations. Eric explored the cooperative nature of pre-existing networks of contacts at an international level that is proving valuable in countering the threat of cybercrime.
The mobilization of a global network of trusted contacts with cyber security expertise that can deliver timely insights into emerging threats has proven effective thus far. He also broke out some 2022 statistics on ransomware attacks noting the most targeted industry sector is ‘Hospitals and Public Sector’ pointing to the callous nature of these bad actors.
Jansen went into this model of international cooperation and highlighted some wins by this global alliance of law enforcement agencies. One such case was their infiltration of the HIVE ransomware collective and recovering ransomware decryption keys for the victims of the HIVE criminal enterprise. He also reiterated the FBI’s approach to cybercrime has become blended. The FBI doesn’t differentiate between state and criminal enterprise as bad actors anymore. There is too much crossover in skills, resources and collaboration between both cohorts.
Both FBI speakers were then joined by Mark McMahon of NCIS and Katie McCarthy of Irish Water. The subject of critical infrastructure was taken up for panel discussion and a lively debate around the strategic targeting of critical infrastructure by bad actors really made any cultural embracement of good security practices a requirement, rather than just an option. It is the panel’s view that a culture shift to making security everybody’s concern would lead to better prevention and more effective responsiveness when a cyber attack does occur.
I had to leave at that point but noted at mid-afternoon, there was still a full house present for the debate around the recent HSE (Irish state healthcare body) cyber attack followed by the cybersecurity leader award. I have no doubt the retained attendance will be engaged by the remaining items of the day. I am equally convinced this conference will continue to deliver a qualitative experience to professionals in a critical industry defending the ever-increasing digital presence we see, hear and feel in today’s society.
John Mulhall @johnmlhll | john@maolte.ie is a writer with Irish Tech News for over 6 years and also Founder, Writer, and Engineer with Maolte Technical Solutions Limited. You can learn more about John and his new company at https://maolte.ie
