SAS-2024 – truly cosmic (and world-record breaking!)

Hai folks!

The official part of our SAS-2024 conference: done.

Now – the fun part: our esteemed delegates, respected speakers, honorable guests (and I!) continue to enjoy this picture-perfect corner of the island of Bali while they come to their senses – still digesting the mega-doses of first-class cybersecurity content they’ve just received…

As to my (direct) participation in the proceedings (besides watching the speeches), the highlight for sure was my being on stage – not as interviewee, but as interviewer. I can’t recall if I’d ever done such a thing before (if I had it was decades ago). Anyway, it felt like the first time – and early on I was really nervous! Yes – me! But I soon got into the swing of it – no doubt partly due to just how interesting my interviewees were: the Russian cosmonaut Mikhail Kornienko and American astronaut Leroy Chiao! We discussed all sorts of cybersecurity issues in space: how they duplicate the comms channels on the International Space Station, who’s responsible for installing updates, what happens if an incident occurs, and lots more besides…

Not only was the chat fascinating – it looks highly likely it was also a record-breaker! It was the first cybersecurity conference at which both Russian (Roscosmos) and American (NASA) cosmonauts/astronauts took part! And I reckon we’ll be adding taikonauts to the roster in coming years too, surely )…

Space research is critically important to all of mankind. And just like international joint efforts are vital to cybersecurity on earth – I’m convinced they’re just as vital in space. So it’s so encouraging to see cooperation between countries when it comes to all things outer-space – despite the geopoliticisms that try their best to get in the way. And maybe such international cooperation in space programs, flights and research could act as a catalyst for a return to normal relations in other spheres – including the just-mentioned global cybersecurity on earth.

I don’t know how often alcohol features at parties on the International Space Station, but at SAS, it’s tradition to have a tipple or two – including good brandy!…

And not just by astro/cosmonauts, but all the speakers (and in fact all the audience too:) ->

Now for a brief taster of some of the top content:

That there up on stage is Fabio Assolini of our GReAT team. His presentation was on the Brazilian banking trojan Grandoreiro, and how it used assorted advanced obfuscation techniques to empty the accounts of clients of 1700 (!) banks and 276 (!) crypto wallets in 45 (!) countries. I use the past tense there, but its attacks are still ongoing – and still spreading out geographically, despite arrests of its regional operators in Argentina, Brazin and Spain (where most of the attacks occur). Fabio reckons Grandoreiro now represents a global threat – after filling the niche that formed when Eastern European cyber-baddies turned their attention to ransomware.

Boris Larin – also of GReAT – shared some of his… great research.

In May of this year, he discovered a highly sophisticated attack on cryptocurrency-owning gamer-types. A well-known group created an extremely high-quality online resource for playing multiplayer tanks. Thus, very credible-looking hype was created on social media to convince folks to play the game. The game could even be downloaded! Not that it could be launched after it was. And all this was so that owners of crypto would visit a page in which exploits for vulnerabilities in the Google Chrome browser had been implanted (one was closed promptly – in March; the second was so zero-day it wasn’t known about by then). So it went like this: the user visited the site, played a tanks game, could even download it, but at the same time was exposed to crypto-stealing malware through a hole in Chrome. A very bold and labor-intensive set-up; unique too: I don’t remember any other instances of such gaming-flavored cyber-nastiness.

Then there was the report of Alexander Kozlov and Sergey Anufrienko from another of our teams – ICS-CERT. They installed the game Doom on a car multimedia system using a zero-day vulnerability in a modem.

But those are just a few of the presentations I particularly enjoyed. There were plenty of others. Read about them on our and others’ sites.

Later came the unofficial part of SAS and the gala dinner – when delegates could freely exchange opinions in an (even) more friendly and informal atmosphere.

And that was that – SAS-2024: done and dusted; all good great GReAT!

Many thanks to all involved: participants, speakers, organizers! Top investigations, top reports, top jaw-dropping revelations, top fun. Basically – business-as-usual for our SAS; a business-as-usual that makes me just soooo proud.

Oh, and we’re in Indonesia – a very volcanic country. Fancy that? What a coincidence! Time for some volcano-climbing now, surely? )…