EICAR 2013: Data protection <> data security?


Eddy Willems

G Data and EICAR, Belgium
Editor: Helen Martin


Eddy Willems presents a round up of the 22nd EICAR Conference, held in Hannover last month.

The 22nd EICAR Conference was held last month at the Leibniz University of Hannover, home of the prestigious Institute for Legal Informatics. One of the aims of this year’s event was to discuss the related topics of data protection and data security alongside each other, rather than in isolation.

Gripping speeches

As has become tradition, the event started with some pre conference lectures which were given by students from the French ESIEA institute on MS x64 assembly and CARBEP. After that, gripping opening speeches were given by Peter Kruse (CSIS) on the Tinba banking trojan, and by Prof. Dr Nikolaus Forgo (Leibniz University) on data protection and privacy.

An unscheduled presentation was made by Righard Zwienenberg – a short tribute to Péter Ször, well known security researcher and friend of Righard (and myself), who died unexpectedly just days before the conference. Péter was a regular presenter at the EICAR conference in its early days.

This year, the conference was divided into two tracks: ‘scientific/technical’ and ‘scientific/legal’. A broad selection of highly respected German speakers, including Prof. Peter Gola and Prof. Dr Michael Schmidt, presented papers in the legal track on topics that included big data, cloud security, and even the NSA-PRISM-related problems. As the conference went on, ‘data privacy’ emerged as possibly the most well-used term during the event. Whereas in the past 20 years, the word ‘privacy’ was barely uttered in any speech at any security conference, it now seems to turn up in almost every presentation. Until we reach a worldwide recognition of and agreement about data privacy laws, we will continue to come across a lot more contradiction and problems relating to privacy. This is one of the big challenges for the coming years. It could be handled with better international laws and optimized programming, but a lot of work still needs to be done. Big data is a good example of this and it is already becoming both a solution and a problem in itself.

BYOD is an important trend in the IT industry and was another important topic of the conference. Whereas legal compliance of BYOD can be achieved by taking the right steps, it should always be considered whether or not the option to provide employees with company-owned devices (which may be used privately as well as in the workplace and which, in addition, may be chosen freely by the employees within certain boundaries) would not constitute a significantly easier model, combining the advantages of BYOD with the safety of full technical and better legal control of devices. A BYOD model must be thoroughly adapted to the company’s business model and processes within the IT infrastructure, in particular regarding hardware and software ownership and maintenance, data ownership, IS security policy, data security and liability.

This year’s ‘Best Student Award’ was given to the paper ‘Automatic Code Features Extraction Using Bio-inspired Algorithms’ by Ciprian Oprisa and Georges Cabau of Bitdefender, and Adrian Colesu from the Technical University of Cluj-Napoca.

Next year and the future

This year’s event was a good one, but the EICAR board feels that more effort needs to be put into having even more interesting papers and even better presentations next year. That’s part of the reason why EICAR is set to move in a different direction: why not combine two good meetings, events or conferences? I have always been in favour of bringing people together and, being on the boards of both AMTSO and EICAR, I have always liked the idea of combining the two events. Next year, we plan to hold the annual EICAR conference at the same venue as the autumn AMTSO meeting (immediately following it). I am pleased to announce that, if all goes according to plan, the EICAR conference will be held in mid to late October 2014 in Canterbury, UK. We aim to have two separate tracks once again: one academic/scientific/legal-related track and a security/malware-related track, with several internationally well-known keynote speakers.

EICAR is also looking into other initiatives and we hope to hold a one-day expert meeting (possibly in February) in Bochum, Germany. Details of the subject, exact date and venue will be announced soon on the EICAR website (http://www.eicar.org/). I am already looking forward to the opportunities to meet new people and exchange ideas on new projects – maybe making the world a little bit safer.



Latest articles:

VB2018 paper: Fake News, Inc.

As the world grapples with massive disinformation campaigns waged by the intelligence agencies of hostile nations, we should not forget that such activities are not limited to the purview of the Bears or Pandas of the world, and that even relatively…

Alternative communication channel over NTP

Nikolaos Tsapakis explores Network Time Protocol (NTP) as an alternative communication channel, providing practical examples, code, and the basic theory behind the idea.

VB2018 paper: Under the hood: the automotive challenge

In an average five-year-old car, there are about 30 different computers on board. In an average new car, there are double that number, and in some cases up to 100. That’s the size of network an average SMB would have, only there’s no CIO/CISO, and…

VB2018 paper: Android app deobfuscation using static-dynamic cooperation

Malicious Android applications are quite common, and can even be found from time to time in the Google Play Store. Thus, a lot of work has been done in both industry and academia on Android app analysis, and in particular, static code analysis. One…

VB2018 paper: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

CRASHOVERRIDE is the first publicly known malware designed to impact electric grid operations. Reviewing previously unavailable data covering logs, forensics, and various incident information, in this paper Joe Slowik outlines the CRASHOVERRIDE…

Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.