Report for the Cert-IST 2016 Forum

Date : November 08, 2016

The 2016 edition of the Cert-IST yearly conference (the « Cert-IST Forum ») held in Paris on November 23th 2016. This year the conference was devoted to the topic “Intelligence at the heart of the digital transformation”. Following is a summary of the presentations done this day by the speakers. The full agenda of the event, as well as all the presentation materials are available on the Cert-IST website.

 

Cyber-industrial revolution and sovereignty in cyberspace (Laurent BLOCH – Institut de l’Iconomie)

The speaker introduced the (digital) cyber-industrial revolution and its main consequences (disruption of the economy, culture, military strategy and international trade). He also described cyberspace as well as the factors of sovereignty before concluding with the situation of Europe and the France in the face of the cyberpuissances the United States, China and the 4 cyberdragons (South Korea, Taiwan, Singapore and Israel).

 

Certificate Transparency (Florian MAURY, Maxence TURY – ANSSI)

Speakers presented in the first part a study on the certificates that used TLS versions and their evolutions over time. Then, the speakers presented the "Certificate Transparency" mechanism (described in the RFC6962) which allows to log the certificates in order to detect fraudulent or unwanted certificates.

 

Active Directory : How to turn a weakness into a strong point ? (Vincent LE TOUX - Engie)

The speaker made a quick review of several techniques that can be used to compromise the Active directory , and the Kerberos authentication mechanism, on Microsoft Windows systems. Emphasis has also been placed on the fact that the assignment of privileges is not always intuitive. In addition, the existing attack tools for Active Directory are regularly updated and improved, some of them even automating complex threat scenarios. The speaker finally pointed out that Active Directory itself already provides advanced auditing functions which, by defining strict security policies and the development of a few scripts, can drastically reduce the risk of such attacks.

 

The use of intelligence in the cyber-defense chain (Yann LE BORGNE - Threat Quotient)

The speaker essentially defined what threat intelligence is: a cycle (or process) that aims at transforming raw data (technical or non-technical indicators, from public or private sources) into contextualized information in response to a precise need. Through the enrichment of the raw data collected, the goal of the intelligence is to understand the adversaries in such a way to adapt the defense in tactical, operational and strategic terms.

 

Cybercrime and the stakes of the business data safety. (Gérard HAAS – HAAS Avocats)

During this presentation, Mr Haas gave a definition of cybercrime, then he came back on the data manipulated by the companies and the main risks (financial, legal, e-reputation and competitiveness impacts). He recalled the main legislative means to protect themselves against cybercrime in particular the NIS directive of 6 July 2016. Finally, Mr Haas concluded his speech by describing the legal and technical responses to prevent risks and meet the legal obligations.

 

Blockchain technology and security applications (Jon GEATER – Thales UK)

The speaker has first recalled that, beyond its well-known applications such as Bitcoin, a blockchain consists above all in a philosophy: Incentivizing untrusted peers to collectively store, process, and compute data correctly.” Then, the speaker has explained thanks to tangible examples, that due to its properties, Blockchains would be particularly effective in addressing issues such as signing multi-party contracts, identity check, DNS, or authentication.

 

Feedback on Cyber defence training (Matthieu THOMAS – Ministère de la Défense)

This presentation has been the opportunity to discover how the French Navy crews are prepared to deal with cyberattacks and ensure the resilience of the naval vessels in operation in any circumstances. A warship consists of a set of interconnected systems; security of industrial systems is accordingly one of the essential elements.

 

The Threat Intelligence service of the Cert-IST (Olivier BERT, Laurent ZANDONA – Cert-IST)

Speakers of the Cert-IST technical team introduced the new Cert-IST Threat Intelligence service which started the first July 2016. This service is based on different publications (list of attacks, monthly bulletins) and also a MISP database with enents enriched, qualified and contextualized by the Cert-IST team.

 

Conclusion

The 2016 forum was a success. The day was rich in exchanges on various topics. About one hundred attendees took part to the discussions, during the presentation sessions, but also during the breaks that was schedule all along the day. We invite you now for our next edition of the Cert-IST Forum.
Previous Previous Next Next Print Print