AusCERT2015

Connect with us   ​  

Troy Hunt

Troy’s a local Gold Coaster who runs the free service “Have I been pwned?” which aggregates large data breaches and notifies impacted subscribers of their exposure. He’s also an author for Pluralsight where he creates online security courses for developers and is a Microsoft Regional Director and Most Valuable Professional.

Twitter: @troyhunt

Presentation Title
Lessons from a quarter of a billion breached records
Abstract

What motivates attackers to dump data publicly? How is it sold, traded and redistributed and for that matter, what even causes adversaries to go public with it? These are all questions I’ve dealt with over the years running the ethical data breach search service “Have I been pwned”. It’s also given me the opportunity to interact with everyone from the attackers breaching these systems to the impacted organisations to law enforcement agencies. 

In this talk, I’ll share the lessons learned from working with more than a quarter of a billion publicly dumped records as a result of major data breaches. The talk sheds light on how this class of adversary operates and the weaknesses within organisations they continually manage to exploit. It’s a unique inside look at security from a very real world and very actionable perspective. 

Key points to be covered include: 

1. The role of children in orchestrating data breaches – what motivates minors and young adults to carry out attacks against online assets 
2. The methodologies employed – how are the perpetrators identifying and then compromising targets, particularly when many are so inexperienced 
3. The underlying risks which enable these incidents – where is that organisations are falling short and enabling these attacks to occur 
4. The ready availability of online data breaches – how readily accessible data breaches are on the clear and dark webs as well their propensity to be traded 
5. How organisations are actively monetising breached data – the commercial activities that occur in the wake of a data breach to capitalise on the incident 
6. Authenticity and fraudulent breaches – the spate of copycat data breaches which inevitably follow public dumps 
7. The impact of media on social perceptions – how the press represents these incidents and the views that are consequently formed by the public 

REGISTER HERE!

Conference Highlights

New Venue
Don't miss the best cyber security conference in Australia at the Surfers Paradise Marriott, only 150 m from Surfers Paradise beach

Conference MC
Comedian and Mathematician Adam Spencer will host the conference, Gala Dinner and Speed Debate

Career Café
Retreat to the back of the exhibition away from the noise for a real coffee at the AusCERT2016 Career Café and chat with specialist Infosec recruiters