Marc Bown is the Managing Consultant for Trustwave's SpiderLabs division in the Asia-Pacific region, and is responsible for the delivery of Penetration Testing, Application Security and Incident Response Services. Marc's experience in both incident response and penetration testing gives him a unique and hands-on insight into the methods being used by criminals to compromise computer systems and to steal the valuable data contained within these systems.
Australian Data Security Compromises - Size Doesn't Matter (Really!)
Highly targeted, well planned and technically advanced attacks have all made the headlines in the past twelve months. Many people now operate under the belief that the biggest threat to their data security is a sophisticated attack levelled specifically at them. As a result, many of us are spending our time worrying about how we can secure our networks against these new, sophisticated threats.
Whilst it is undoubtedly true that this new breed of targeted attacks is a growing threat, our experience is that more companies are still being compromised through traditional means.
Trustwave performed over 60 forensic investigations in Australia in 2011. Contrary to popular belief, most of the organisations investigated were not "high profile" targets and none of the compromises made headlines. For the victims of these attacks, the impact was real. The victims considered themselves secure and were surprised to learn that an attacker would have any interest in their environment.
None of the attackers could be called technically sophisticated. The issues leveraged by attackers were universally well understood by our industry. The victims were targeted just because they were connected to the internet.
In this presentation we will discuss our experience with compromises in Australia and give you insight into the techniques used by attackers. We'll give specific examples, and suggest controls relevant to the attacks.
Copyright © 2012 The University of Queensland, authorised by AusCERT Program Committee, maintained by: auscert@auscert.org.au