Posted by Virus Bulletin on Sep 27, 2013
We speak to VB2013 presenter Jarno Niemela about APTs and about what he aims to bring to VB2013.
The VB2013 conference takes place next week (2-4 October) in Berlin, with an exciting programme that covers many of today's most pertinent security-related topics.
Today, we speak to Jarno Niemela, who will speak at VB2013 about statistically effective protection against APT attacks.
Tell us a little bit about yourself - your job and your responsibilities.
"I work as Senior Security Researcher at F-Secure, my main job is to look after our automatic malware analysis systems and labs backend, but in addition to that I always have one or two research projects going on.
"During the past couple years I have focused my research on APT and other corporate espionage attacks. But instead of just trying to keep track of the APT operators I have been looking as methods by which corporates can break as many of those attacks as possible."
Can you give us a brief outline of what you will be speaking about at VB2013?
"At F-Secure we have been recommending additional security measures in addition to using our products for a couple years. However, our knowledge of the effectiveness of these methods has been based on ad-hoc experiments and anecdotal evidence. So I decided to test the methods against a larger population of samples and see how well they fare."
Why is your presentation particularly relevant to the security community?
"While it is important to detect and react to new security threats, being able to prevent the attacks in the first place is much more cost effective. System hardening is not very glamorous and can be viewed as tedious, so I wanted to get some proof of just how effective even simple security measures can be.
"I hope that the information I have produced will help security staff at companies to convince their IT counterparts why they should bother to deploy these changes to the corporate infrastructure."
What can delegates learn from your presentation?
"Most of the things I am covering in my presentation are not actually new, and some of them are really obvious. But that's not the point. Even as the protection measures I chose for testing are really basic they still are not deployed in customer environments. So what the delegates get from my presentation is facts to convince IT organizations why the changes should be deployed to corporate environments."
What other presentations are you looking forward to?
"Actually quite a lot of them look interesting - my main research focus is on the behavioural analysis side, so I'll be following every presentation that focuses on behavioural analysis."
How many VB conferences have you been to?
"VB2013 will be my 5th VB and the second time I have presented at the conference - having presented a paper on Symbian malware at VB2005."
Have you visited Berlin before? What are you looking forward to seeing/doing whilst in town?
"I have been to Berlin a couple of times before - the Nikolaiviertel district is well worth a visit."
Jarno Niemela will present 'Statistically effective protection against APT attacks' at 11:20 on Friday 4 October.
The full programme for VB2013, including abstracts for each paper, can be viewed here.
Read more about why you should attend VB2013 - and download our letter templates as a guide for justifying to your budget holder why you should attend VB2013.
VB2013 takes place 2-4 October 2013 in Berlin, Germany - online registration is now open - we'd love to see you there!
Posted on 27 September 2013 by Helen Martin