EICAR 2013: Data protection <> data security?

2013-12-02

Eddy Willems

G Data and EICAR, Belgium
Editor: Helen Martin

Abstract

Eddy Willems presents a round up of the 22nd EICAR Conference, held in Hannover last month.


The 22nd EICAR Conference was held last month at the Leibniz University of Hannover, home of the prestigious Institute for Legal Informatics. One of the aims of this year’s event was to discuss the related topics of data protection and data security alongside each other, rather than in isolation.

Gripping speeches

As has become tradition, the event started with some pre conference lectures which were given by students from the French ESIEA institute on MS x64 assembly and CARBEP. After that, gripping opening speeches were given by Peter Kruse (CSIS) on the Tinba banking trojan, and by Prof. Dr Nikolaus Forgo (Leibniz University) on data protection and privacy.

An unscheduled presentation was made by Righard Zwienenberg – a short tribute to Péter Ször, well known security researcher and friend of Righard (and myself), who died unexpectedly just days before the conference. Péter was a regular presenter at the EICAR conference in its early days.

This year, the conference was divided into two tracks: ‘scientific/technical’ and ‘scientific/legal’. A broad selection of highly respected German speakers, including Prof. Peter Gola and Prof. Dr Michael Schmidt, presented papers in the legal track on topics that included big data, cloud security, and even the NSA-PRISM-related problems. As the conference went on, ‘data privacy’ emerged as possibly the most well-used term during the event. Whereas in the past 20 years, the word ‘privacy’ was barely uttered in any speech at any security conference, it now seems to turn up in almost every presentation. Until we reach a worldwide recognition of and agreement about data privacy laws, we will continue to come across a lot more contradiction and problems relating to privacy. This is one of the big challenges for the coming years. It could be handled with better international laws and optimized programming, but a lot of work still needs to be done. Big data is a good example of this and it is already becoming both a solution and a problem in itself.

BYOD is an important trend in the IT industry and was another important topic of the conference. Whereas legal compliance of BYOD can be achieved by taking the right steps, it should always be considered whether or not the option to provide employees with company-owned devices (which may be used privately as well as in the workplace and which, in addition, may be chosen freely by the employees within certain boundaries) would not constitute a significantly easier model, combining the advantages of BYOD with the safety of full technical and better legal control of devices. A BYOD model must be thoroughly adapted to the company’s business model and processes within the IT infrastructure, in particular regarding hardware and software ownership and maintenance, data ownership, IS security policy, data security and liability.

This year’s ‘Best Student Award’ was given to the paper ‘Automatic Code Features Extraction Using Bio-inspired Algorithms’ by Ciprian Oprisa and Georges Cabau of Bitdefender, and Adrian Colesu from the Technical University of Cluj-Napoca.

Next year and the future

This year’s event was a good one, but the EICAR board feels that more effort needs to be put into having even more interesting papers and even better presentations next year. That’s part of the reason why EICAR is set to move in a different direction: why not combine two good meetings, events or conferences? I have always been in favour of bringing people together and, being on the boards of both AMTSO and EICAR, I have always liked the idea of combining the two events. Next year, we plan to hold the annual EICAR conference at the same venue as the autumn AMTSO meeting (immediately following it). I am pleased to announce that, if all goes according to plan, the EICAR conference will be held in mid to late October 2014 in Canterbury, UK. We aim to have two separate tracks once again: one academic/scientific/legal-related track and a security/malware-related track, with several internationally well-known keynote speakers.

EICAR is also looking into other initiatives and we hope to hold a one-day expert meeting (possibly in February) in Bochum, Germany. Details of the subject, exact date and venue will be announced soon on the EICAR website (http://www.eicar.org/). I am already looking forward to the opportunities to meet new people and exchange ideas on new projects – maybe making the world a little bit safer.

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest articles:

Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

Aditya Sood & Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited to compromise the C&C panel in order to gather threat intelligence, and present a model of mobile AppInjects.

Cryptojacking on the fly: TeamTNT using NVIDIA drivers to mine cryptocurrency

TeamTNT is known for attacking insecure and vulnerable Kubernetes deployments in order to infiltrate organizations’ dedicated environments and transform them into attack launchpads. In this article Aditya Sood presents a new module introduced by…

Collector-stealer: a Russian origin credential and information extractor

Collector-stealer, a piece of malware of Russian origin, is heavily used on the Internet to exfiltrate sensitive data from end-user systems and store it in its C&C panels. In this article, researchers Aditya K Sood and Rohit Chaturvedi present a 360…

Fighting Fire with Fire

In 1989, Joe Wells encountered his first virus: Jerusalem. He disassembled the virus, and from that moment onward, was intrigued by the properties of these small pieces of self-replicating code. Joe Wells was an expert on computer viruses, was partly…

Run your malicious VBA macros anywhere!

Kurt Natvig wanted to understand whether it’s possible to recompile VBA macros to another language, which could then easily be ‘run’ on any gateway, thus revealing a sample’s true nature in a safe manner. In this article he explains how he recompiled…


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.