Debate: "Private Companies Should Be Authorized To Take Measured Offensive Action Against Attackers"

On Feb. 8-9, 2013, up to 100 people including some of the world's leading experts in law, incident response, reverse-engineering and intelligence will meet in Washington DC to debate the topic: "Private Companies should be Authorized to take Measured Offensive Actions against Attackers". The list of speakers includes CrowdStrike's Dmitri Alperovich, Mandiant's Richard Bejtlich, Microsoft's Dave Aucsmith, Dambala Labs' Gunter Ollmann, CrySys Labs' Boldi Bencsath, ReVuln's Donato Ferrante, INTERPOL's new Digital Crime Center's director, the ITU's Marco Obiso, The Grugq, The Jester, and many more.

The Agenda of Suits and Spooks DC will feature the most intriguing panel discussions every held on the highly controversial issue of "striking back" at those responsible for cyber attacks as well as how offensive markets for malware are changing the world of vulnerability exploits. The second day will include breakout sessions as well as an afternoon debate between two teams consisting of 12 volunteers from our attendees along with time for research and strategizing over a working lunch.

Friday, February 8, 2013 - Waterview Conference Center

9:00am - Registration and Continental Breakfast

9:45am - Welcome and Briefing on the Day's Activities

10:00am - 12:00pm: Panel Discussion - Offensive Tactics and Takedowns by Security Vendors

Featuring Mr. Dmitri Alperovich (CTO and Co-Founder, Crowdstrike), Mr. Richard Bejtlich (CSO, Mandiant), Mr. David Aucsmith (Sr. Director, Microsoft Institute of Advanced Technologies for Governments), and Mr. Nick Selby (Police Officer, DFW Area Department of Public Safety; Partner, Enterprise Security at N4Struct, Inc.).

12:00pm - 1:00pm: How Duqu, Flame, Gauss, and Shamoon can be reconfigured and reused against different victims

Featuring Dr. Boldizsár “Boldi” Bencsáth (Associate Professor, Laboratory of Cryptography and Systems Security (CrySyS), Department of Telecommunications, Budapest University of Technology and Economics)

1:00pm - 1:45pm LUNCH (provided on-site)

1:45pm - 3:45pm: Panel Discussion - Finding Exploitable Loopholes in the Computer Fraud and Abuse Act and International Law for Offensive Actions in Cyberspace

Featuring Dr. Catherine Lotrionte (Director of the Institute for Law, Science + Global Security, Georgetown University),  Mr. Stewart A. Baker (Partner, Steptoe & Johnson), Mr. Frank J. Cilluffo, Director, Homeland Security Policy Institute at George Washington University, and Mr. Marco Obiso (Cybersecurity Coordinator, International Telecommunications Union (ITU)

3:45pm - 4:00pm BREAK

4:00pm-6:00pm: Panel Discussion - Offensive Markets for Vulnerability Research - Pros and Cons

Featuring Mr. Donato Ferrante (Co-Founder and Security Researcher, ReVuln), The Grugq (a security engineer who specializes in reverse-engineering and anti-forensics), Mr. Gunter Ollmann (Chief Technology Officer, Damballa Labs)

Saturday, February 9, 2013 - Waterview Conference Center

9:00am Continental Breakfast

9:30am Welcome and Briefing on the Day's Activities

9:45am - 10:45am (Classroom A): Calculating The Adversary's Return-On-Investment and How That Can Inform Defense

Featuring Mr. Josh Corman (Director of Security Intelligence, Akamai)  and Mr. David Etue (Vice President, Corporate Development Strategy at SafeNet)

9:45am - 10:45am: (Classroom B): (topic to be announced)

Featuring Mr. Spencer Wilcox (Lead Security Strategist and Special Assistant to the Vice President of Corporate and Information Security Services for Exelon Corporation)

9:45am - 10:45am: (Classroom C): Q&A with The Jester via IRC "Is Offense The Best Defense, and Who Should Conduct It?"

This will be a moderated discussion with The Jester via IRC chat. Attendees will be able to pass their questions to the moderator and The Jester will respond in real-time.

 10:45am - 12:45pm: What's the Downside of Private Sector Offensive Engagement?

Featuring Dr. Anup Ghosh (Founder and CEO at Invincea), Mr. Jeffrey Carr (Founder and CEO, Taia Global, Inc.), Mr. Gunter Ollmann (Chief Technology Officer, Damballa Labs), and Mr. Josh Corman (Director of Security Intelligence, Akamai)

12:45pm-2:00pm: Working Lunch

12 attendees will volunteer to debate the proposition (6 per team). The working lunch will be spent dividing into teams and assisting the debaters in preparing research and debate strategies.

2:00pm - 3:30pm: Debate the Proposition "Private Companies Should be Authorized to Take Measured Offensive Actions Against Attackers"

The debate will be judged by a panel of 5 of our speakers

3:30pm - Closing Remarks

The Waterview Conference Center is one of Washington D.C.'s most beautiful and exclusive facilities but it has a capacity of only 100 people so don't miss out. Register today and be a part of one of 2013's most important events.

We are also still looking for companies to join Basis Technology in sponsoring this important event. Please contact me for more information.

Add to Cart View detail

Akamai: U.S. Ranks Third As World's Source Of Attack Traffic; China ranks 4th

Akamai just released its 2Q 2011 State of the Internet report. For those of you who think that China is the end-all and be-all of cyber attacks, you'll want to get a copy of this report right away. Akamai serves up to 30% of the world's Internet traffic with its Akamai Intelligent Platform; more than 604 million unique IP addresses from 238 countries and regions to be precise. In addition, Akamai runs a dark net of unadvertised honey pot systems. Since they aren't part of Akamai's production platform and aren't utilized in any way, any attempt to connect to those honeypots is interpreted as an attack. Here's the attack data from Akamai's latest report:

The geolocation of IP address isn't proof that any given nation's government is responsible for attacks emanating from servers on its soil, otherwise the Chinese government would be demanding that Secretary of State Clinton explain why the U.S. is generating so much attack traffic (instead of vice versa  which is equally wrong). What these statistics do suggest is that the U.S. government needs to start regulating the Internet Service Provider industry in this country. We have WAY too many bad ISPs operating on U.S. soil that are being used to conduct criminal acts around the world. Host Exploit's latest report shows that the U.S. hosts 5 of the 10 worst ISPs in the world, including the #1 position. 

Note that SoftLayer and The Planet are at the #11 and #12 positions. Both are located in Plano, TX whose Governor (Rick Perry) is hoping to be the Republican nominee for President. Perry has also been courting Huawei to open its North American headquarters in Texas. It seems to me like the Governor of Texas has a great opportunity to demonstrate that cybersecurity should become a priority for this country by making it a priority for the State of Texas first.

Add to Cart View detail