Feeds

Fear sells. Read the report

Hackers grapple with Mephistophelean plumbing

Internet Security Threat Report 2014

Infosec blog The Infosecurity Europe show is almost upon us again. I've personally attended the show every year since 1997, man and boy, making this year's event my tenth attendance.

Over the years the dress code has changed from jeans and t-shirt to business suits and the agenda has shifted towards the business impact of information security breaches (e.g. keynotes this year such as Security Compliance from Conglomerate to SME). New concerns - such as the security impact of VoIP technology - are emerging but hardy perennials, such as the cost of computer virus infection, remain consistent themes.

Surveys keep raining on our heads

Every two years the show serves as forum for the announcement of the DTI's Information Security Breaches Survey, touted as the UK's most authoritative look at security breaches. Latterly the lead up to the report has been accompanied by a string of press releases, sponsored by security vendors, highlighting a particular facet of security that (no surprise here) help to illustrate the importance of the particular firm's technology.

So far this year we've had releases stating "virus infection remains biggest single cause of security incidents", that companies not doing enough to reduce identity theft and on staff misuse of the internet. In the two weeks before the show at least three more releases can be expected, if what happened in 2004 is anything to go by, leaving a the press corps with little enthusiasm for writing about the main launch.

It's the information technology equivalent of releasing six different trailers to promote a movie. Please, someone, make it stop!

Not wishing to pre-empt the survey myself I'll make a small bet that it will conclude that hackers are costing UK business millions and that security incidents are on the rise. This is probably a fair reflection on the situation on the ground but just once I'd like to see a survey that said some aspect of security incidents had dropped in recent times. After all, hard working sys admins need some encouragement every now and again that their labours are not in vain.

Bog blog

It would be remiss of us not to mention public transportation or toilets in this pre-show blog [report - Ed]. London's Olympia is a tricky place to get to outside of rush hours, when a handy shuttle service runs from Earl's Court. Outside of these times London transport advises passage via Hammersmith or West Kensington. Typically people coming in from central London have to change three times and hop on at least one bus.

Of course for the real security freak the very idea of using an Oyster card is an anathema. They'll cycle to Olympia or, better still, take a ride in the trunk on an unmarked car.

And when they're there they'll doubtless want to use the conveniences. Olympia boasts at least three toilets on its ground floor. Unfortunately they're not particularly well marked and all located on the ground floor, a tedious slog away from most of the opportunities for free booze, which tend to happen on Olympia's first floor.

The toilets, once you find them, are well above the standard you'd likely find at most Championship grounds but all in all it's not a satisfactory arrangement. Diagonal Security's usual plan - camp out in a nearby pub and have the world come to you, rather than braving Olympia itself - has much to commend it.

Whatever happened to the likely lads

All this might make you think I'm not looking forward to Infosec. Nothing could be further from the truth. Since moving over to Spain in January the show will be my first opportunity to meet up with key contacts and share a beer. They'll be plenty of talk about defending systems beyond the perimeter, the ethics of security disclosure and malware evolution, no doubt. But what I'm really looking forward is the opportunity to spend time in an environment where law enforcement officials and hackers rub shoulders.

Perhaps it's too much to expect an incident like the arrest of infamous hacker Fluffi Bunny at Infosec three years ago but let's hope for an interesting show nonetheless. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.