VB2013 speaker spotlight

Posted by   Virus Bulletin on   Sep 27, 2013

We speak to VB2013 presenter Jarno Niemela about APTs and about what he aims to bring to VB2013.

The VB2013 conference takes place next week (2-4 October) in Berlin, with an exciting programme that covers many of today's most pertinent security-related topics.

Today, we speak to Jarno Niemela, who will speak at VB2013 about statistically effective protection against APT attacks.

Tell us a little bit about yourself - your job and your responsibilities.

Jarno Niemela "I work as Senior Security Researcher at F-Secure, my main job is to look after our automatic malware analysis systems and labs backend, but in addition to that I always have one or two research projects going on.

"During the past couple years I have focused my research on APT and other corporate espionage attacks. But instead of just trying to keep track of the APT operators I have been looking as methods by which corporates can break as many of those attacks as possible."

Can you give us a brief outline of what you will be speaking about at VB2013?

Jarno Niemela "At F-Secure we have been recommending additional security measures in addition to using our products for a couple years. However, our knowledge of the effectiveness of these methods has been based on ad-hoc experiments and anecdotal evidence. So I decided to test the methods against a larger population of samples and see how well they fare."

Why is your presentation particularly relevant to the security community?

Jarno Niemela "While it is important to detect and react to new security threats, being able to prevent the attacks in the first place is much more cost effective. System hardening is not very glamorous and can be viewed as tedious, so I wanted to get some proof of just how effective even simple security measures can be.

"I hope that the information I have produced will help security staff at companies to convince their IT counterparts why they should bother to deploy these changes to the corporate infrastructure."

What can delegates learn from your presentation?

Jarno Niemela "Most of the things I am covering in my presentation are not actually new, and some of them are really obvious. But that's not the point. Even as the protection measures I chose for testing are really basic they still are not deployed in customer environments. So what the delegates get from my presentation is facts to convince IT organizations why the changes should be deployed to corporate environments."

What other presentations are you looking forward to?

Jarno Niemela "Actually quite a lot of them look interesting - my main research focus is on the behavioural analysis side, so I'll be following every presentation that focuses on behavioural analysis."

How many VB conferences have you been to?

Jarno Niemela "VB2013 will be my 5th VB and the second time I have presented at the conference - having presented a paper on Symbian malware at VB2005."

Have you visited Berlin before? What are you looking forward to seeing/doing whilst in town?

Jarno Niemela "I have been to Berlin a couple of times before - the Nikolaiviertel district is well worth a visit."

Jarno Niemela will present 'Statistically effective protection against APT attacks' at 11:20 on Friday 4 October.

The full programme for VB2013, including abstracts for each paper, can be viewed here.

Read more about why you should attend VB2013 - and download our letter templates as a guide for justifying to your budget holder why you should attend VB2013.

VB2013 takes place 2-4 October 2013 in Berlin, Germany - online registration is now open - we'd love to see you there!

Posted on 27 September 2013 by Helen Martin



Latest posts:

VB2019 paper: DNS on fire

In a paper presented at VB2019, Cisco Talos researchers Warren Mercer and Paul Rascagneres looked at two recent attacks against DNS infrastructure: DNSpionage and Sea Turtle. Today we publish their paper and the recording of their presentation.

German Dridex spam campaign is unfashionably large

VB has analysed a malicious spam campaign targeting German-speaking users with obfuscated Excel malware that would likely download Dridex but that mostly stood out through its size.

Paper: Dexofuzzy: Android malware similarity clustering method using opcode sequence

We publish a paper by researchers from ESTsecurity in South Korea, who describe a fuzzy hashing algorithm for clustering Android malware datasets.

Emotet continues to bypass many email security products

Having returned from a summer hiatus, Emotet is back targeting inboxes and, as seen in the VBSpam test lab, doing a better job than most other malicious campaigns at bypassing email security products.

VB2019 paper: We need to talk - opening a discussion about ethics in infosec

Those working in the field of infosec are often faced with ethical dilemmas that are impossible to avoid. Today, we publish a VB2019 paper by Kaspersky researcher Ivan Kwiatkowski looking at ethics in infosec as well as the recording of Ivan's…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.