
RSA 2010

Earlier this week I once again went to the RSA Conference in San Francisco. I could have gone to some of the presentations and panels, but once again I chose not to do so. Why? I have found that many times one can learn more from meeting and talking to people at this conference than from attending sessions, and once again I found this to be mostly true.

I went to the RSA Conference last year and noted in a blog entry shortly afterwards that attendance had dropped considerably from 2008. An unfortunate outcome was my having to deal with the conference’s PR firm, which objected to my mentioning the then downward turn in attendance. Good news—this firm should have no objection whatsoever to my saying without any reservation that the attendance for RSA 2010 was dramatically higher than last year. My main metric, good or bad as it might be, is how easy it is to get from point A to point B within the Moscone Convention Center. This year I had to constantly dodge people in the main upstairs areas and down below in the exposition hall. Seating areas were crowded. There is no doubt that attendance was at least back to its 2008 levels, or very possibly even higher.

Some of the most valuable time I spent at this conference was the time I spent with a very seasoned information security professional who works for the U.S. government. He was the first to inform me, several years ago, about the major shift in attack strategies from targeting servers to targeting browsers on small systems running Office, Adobe Acrobat Reader, Adobe Flash Player, and other widely used applications. He had previously told me how spear phishing went hand-in-hand with such attacks, but a few days ago he told me that the most recent round of attacks also exploits social networks. If an attack against a particular person who works for a U.S. government agency or another organization succeeds, the attackers will next attempt to determine with whom the victim frequently exchanges email and IM, and also to whom that person is connected on social networking sites. The goal is to determine the next round of targets. Once the attackers have successfully attacked the computers of individuals within the original victim's circle of contacts, the attackers can obtain a wider range of information related to subjects of interest so that this information can be aggregated for intelligence purposes. My friend concluded that the Internet is used for a very broad range of purposes, one of the main ones being social. The fact that social purposes mix with other, more sensitive purposes, such as on-the-job communications with others, creates major vulnerabilities for perpetrators to exploit.

I also had lunch with a person who had attended a conference session that I now very much wish that I had attended. This session covered the processes involved in planning and preparing for perpetrating identity theft. Pictures that this person had taken with her iPhone told much of the story. One picture showed a device that made phony credit cards. Another showed the products: a container full of bogus credit cards. Still another showed an "ID theft store" for use by identity thieves. One showed a storyboard with the picture of the targeted victim and information needed to carry out the identity theft attempt. A final one showed a display of information being used in an identity theft attempt. Seeing these pictures nearly sent chills down my spine. Think of the value this information and these pictures would have in information security awareness efforts!

By all appearances, RSA 2010 was a huge success. If I didn't see you there this time, I'll hopefully see you there next year!
