Date: 16 March 2012
Click here for printable version
AusCERT Online Crime Symposium 2012Sunday, 13 May 2012
Cypress Room, RACV Royal Pines Resort, Gold Coast, Australia |
|
Background
Online crime is worsening at a rate that demands better, more coordinated strategies among industry, government, law enforcement and CERTs. The financial rewards for online criminals is high and cyber criminals generally operate with impunity. To combat this threat, more effective strategies are required from all sectors, both nationally and internationally.
Target Audience
- Government, law enforcement and private sector personnel involved in the development of policies or strategies for e-security or e-government, or who have responsibility for investigations either within their own organisations or for the broader community.
- High level, focused briefings with some technical detail aimed at information security managers, policy makers and stakeholders within the telecommunications, domain name management or other Internet industries.
- A closed event, not open to the general public.
Purpose
- Increase awareness of the nature and impact of online crime among government and industry sectors and the challenges it poses for prevention, detection and response.
- Increase awareness of the nature and impact of various online crime types and the tools used by criminals engaging in this activity.
- Seek support for initiatives in Australia that will provide broad benefit for the Internet using community and for users and providers of e-commerce or e-government services.
Program
| 8.30 – 9:00 Coffee and Registration |
9:10 - 9:25
15 minutes |
Introduction
Graham Ingram
General Manager,
AusCERT |
|
9:25 - 10:40
75 minutes
|
Legal Aspects of US Cybercrime
Robert Clark
US Army Cyber Command
|
The presentation is a review of important legal issues involving cybercrime and cybersecurity. As always the agenda is driven by current up-to-the-minute releases of hot issues and judicial opinions. Currently that means precedents on decrypting hard drives and judicial limitations on searching computers. We next look at the legal aspects of computer network security and defense and finish with a proposed model that creates an organization of cybersecurity defenders from the federal, state and local level. Along the way we will discuss what is personally identifiable information (and what is not) as well as other topics. Each legal area will contain a brief overview of the legal standards involved and then an analysis on how the recent court cases have interpreted these standards and what the future effects may be.
Attendees will get an understanding of the hot legal topics in computer network security. Past presentations have shown, much of what is taken away is audience driven in response to their questions and the subsequent discussion. And, as always, I try to impress upon computer security professionals the importance of working closely with their legal counsel early and often, and explaining the technical aspects of computer security to their attorneys at a third grade level so my profession can understand it and then turn around and explain it to a judge or jury at a first grade level.
|
| Morning Tea 10:40 - 11:00 (20 minutes) |
11:00 - 11:40
40 minutes |
Lessons Learned From Working 65 APT Incidents
Name withheld
|
This presentation will cover methods used to identify new controllers and related exfil victims and insights gained from reaching out to victims across many sectors and geographies |
|
11:40 - 12:20
40 minutes
|
Development of some Cybercrime business models
Stas Filshtinksiy
Stratsec
|
|
| Lunch 12:20 - 13:30 (1 hour 10 minutes) |
13:30 - 14:10
40 minutes
|
Medical identity theft, fraud, forgery & ‘Doctor Shoppers’
– This is why & how they do it
Name withheld
|
|
14:10 - 14:50
40 minutes |
Investigating a Child
Ajoy Ghosh
Alcheme
|
Using three case studies (two real and one composite), this presentation introduces the sometimes awkward, sometimes illegal and usually costly positions that well meaning system administrators, IT security and computer forensic practictioners can find themselves when they investigate children in the same way they would investigate adults. |
| Afternoon Tea 14:50 – 15:10 (20 minutes)
|
15:10 - 15:50
40 minutes
|
The evolution of cybercrime and modern prevention strategies: Do our banks have the winning strategy
Jake Lambert
Vasco
|
With Identity fraud and cybercrime constantly on the rise, the need to protect our sensitive information is more important than ever. Cybercrime is the choice for modern criminals. Why would you want to walk into a bank with a gun when you could steal much greater sums of money from the safety of your own home? With the increase in popularity of this type of crime comes an increased in awareness around these types of attacks and how we can protect ourselves. Many corporate and government organisations are constantly seeking new strategy’s to stay ahead of this new breed of criminals. This presentation will explore these emerging trends and which prevention methods are proving affective in combating online application fraud. It will also focus on some of the successful strategy’s implemented in the banking industry and how they can also be utilised effectively in other industries.
|
15:50 - 16:30
40 minutes |
Banking Malware Mitigation
Shaun Vlassis
Commonwealth Bank
|
This presentation aims to leave little doubt about the ongoing challenges faced by Financial Institutions when combating online crime perpetrated against its customers. The criminal groups, their tactics and tools will be explained, alongside the countermeasures against these groups that can effectively mitigate these threats. This presentation will offer the unique view of the people that are on the receiving end of these attacks, what is considered ‘effective’ and more importantly, what countermeasures are feasible given the limitations of resources, legalities and most importantly, customer experience.
|
|
16:30 - 16:40
10 minutes
|
Closing remarks
Graham Ingram
General Manager, AusCERT
|
|
| Networking Drinks 16:40 – 17:40 (1 hour)
|
This program may be subject to change.
Cost and Registration
The registration fee is $285 (including GST) and includes lunch, morning and afternoon tea. Symposium speakers and law enforcement are free.
To register as an attendee please send an email to
crimesymposium at auscert.org.au. Please specify for each delegate:
- Name
- Position title
- Organisation
- A contact telephone number and email address
- Billing address (for the registration invoice).
For catering purposes please register before Friday, 4 May 2012. Please advise if you have any special dietary requirements.
Please note that we will not accept 'walk-in' registrations on the day of the Symposium - all delegates must register by 4 May 2012.
Cancellation Policy
Registered attendees may cancel in writing by 4 May 2012 without charge and/or obtain full refund.
Registered attendees who don't attend or who cancel after 4 May 2012, will be required to pay a cancellation fee equivalent to the registration fee.
Accommodation at AusCERT Conference Discount Rates
Symposium delegates may obtain AusCERT conference rate discounts for
bookings made at:
- RACV Royal Pines Resort (for Saturday, 12 May 2012)
- Radisson Gold Coast (for Saturday, 12 May 2012)
- Crowne Plaza Surfers Paradise (for Saturday, 12 May 2012)
- Mantra Grand Sierra Broadbeach (for Saturday, 12 May 2012)
Please note there will be no shuttle bus service from the Radisson Gold Coast, Mantra Grand Sierra Broadbeach or the Crowne Plaza Surfers Paradise to the RACV Royal Pines in the morning of Sunday, 13 May, 2012.
If you wish to take advantage of these hotel accommodation conference-rate discounts, please send an email to:
Danyelle Simpson (dsimpson at arinex.com.au)
Inquiries
Please feel free to contact us on crimesymposium at auscert.org.au if you have any additional questions regarding this event.
|