EICAR 2013: Data protection <> data security?

2013-12-02

Eddy Willems

G Data and EICAR, Belgium
Editor: Helen Martin

Abstract

Eddy Willems presents a round up of the 22nd EICAR Conference, held in Hannover last month.


The 22nd EICAR Conference was held last month at the Leibniz University of Hannover, home of the prestigious Institute for Legal Informatics. One of the aims of this year’s event was to discuss the related topics of data protection and data security alongside each other, rather than in isolation.

Gripping speeches

As has become tradition, the event started with some pre conference lectures which were given by students from the French ESIEA institute on MS x64 assembly and CARBEP. After that, gripping opening speeches were given by Peter Kruse (CSIS) on the Tinba banking trojan, and by Prof. Dr Nikolaus Forgo (Leibniz University) on data protection and privacy.

An unscheduled presentation was made by Righard Zwienenberg – a short tribute to Péter Ször, well known security researcher and friend of Righard (and myself), who died unexpectedly just days before the conference. Péter was a regular presenter at the EICAR conference in its early days.

This year, the conference was divided into two tracks: ‘scientific/technical’ and ‘scientific/legal’. A broad selection of highly respected German speakers, including Prof. Peter Gola and Prof. Dr Michael Schmidt, presented papers in the legal track on topics that included big data, cloud security, and even the NSA-PRISM-related problems. As the conference went on, ‘data privacy’ emerged as possibly the most well-used term during the event. Whereas in the past 20 years, the word ‘privacy’ was barely uttered in any speech at any security conference, it now seems to turn up in almost every presentation. Until we reach a worldwide recognition of and agreement about data privacy laws, we will continue to come across a lot more contradiction and problems relating to privacy. This is one of the big challenges for the coming years. It could be handled with better international laws and optimized programming, but a lot of work still needs to be done. Big data is a good example of this and it is already becoming both a solution and a problem in itself.

BYOD is an important trend in the IT industry and was another important topic of the conference. Whereas legal compliance of BYOD can be achieved by taking the right steps, it should always be considered whether or not the option to provide employees with company-owned devices (which may be used privately as well as in the workplace and which, in addition, may be chosen freely by the employees within certain boundaries) would not constitute a significantly easier model, combining the advantages of BYOD with the safety of full technical and better legal control of devices. A BYOD model must be thoroughly adapted to the company’s business model and processes within the IT infrastructure, in particular regarding hardware and software ownership and maintenance, data ownership, IS security policy, data security and liability.

This year’s ‘Best Student Award’ was given to the paper ‘Automatic Code Features Extraction Using Bio-inspired Algorithms’ by Ciprian Oprisa and Georges Cabau of Bitdefender, and Adrian Colesu from the Technical University of Cluj-Napoca.

Next year and the future

This year’s event was a good one, but the EICAR board feels that more effort needs to be put into having even more interesting papers and even better presentations next year. That’s part of the reason why EICAR is set to move in a different direction: why not combine two good meetings, events or conferences? I have always been in favour of bringing people together and, being on the boards of both AMTSO and EICAR, I have always liked the idea of combining the two events. Next year, we plan to hold the annual EICAR conference at the same venue as the autumn AMTSO meeting (immediately following it). I am pleased to announce that, if all goes according to plan, the EICAR conference will be held in mid to late October 2014 in Canterbury, UK. We aim to have two separate tracks once again: one academic/scientific/legal-related track and a security/malware-related track, with several internationally well-known keynote speakers.

EICAR is also looking into other initiatives and we hope to hold a one-day expert meeting (possibly in February) in Bochum, Germany. Details of the subject, exact date and venue will be announced soon on the EICAR website (http://www.eicar.org/). I am already looking forward to the opportunities to meet new people and exchange ideas on new projects – maybe making the world a little bit safer.

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest articles:

The dark side of WebAssembly

The WebAssembly (Wasm) format rose to prominence recently when it was used for cryptocurrency mining in browsers. This opened a Pandora’s box of potential malicious uses of Wasm. In this paper Aishwarya Lonkar & Siddhesh Chandrayan walk through some…

Through the looking glass: webcam interception and protection in kernel mode

The computer’s webcam is one of the most relevant components when it comes to digital privacy. In this paper, Reason Software's Ronen Slavin dives into the video capturing internals of Windows and discusses the implementation of a driver that…

VB2017 paper: Browser attack points still abused by banking trojans

With the ever-increasing use of banking-related services on the web, browsers have naturally drawn the attention of malware authors. They are interested in adjusting the behaviour of the browsers for their purposes, namely intercepting the content of…

Does malware based on Spectre exist?

It is likely that, by now, everyone in computer science has at least heard of the Spectre attack. Since many excellent explanations of the attack already exist, this article focuses on the probability of finding Spectre being exploited on Android…

EternalBlue: a prominent threat actor of 2017–2018

At the centre of last year's infamous WannaCry ransomware attack was an NSA exploit leaked by the Shadow Brokers hacker group, known as ‘EternalBlue’. The worm-like functionality of the exploit made a deadly impact by propagating to interconnected…


Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.