Assessing the Hacking Capabilities of Institutional and Non-institutional Players

Presented at DeepSec 2016 „Ten“, Unknown date/time (Unknown duration)

Cyberwar, Cyberterror and Cybercrime have been buzzwords for several years now. Despite the problem of finding useful definitions for modern IT security threats and so much criclejerking bullshit bingo going on, we have to think about the assessment of capabilities in the IT field. Besides institutional actors like states and their military and intelligence communities we also have to assess the capabilities of non-institutional actors like terrorist groups or organised crime. However, unlike the assessment of classic military strength, assessing the capabilities and powers of actors in the IT field is much more complicated and complex. In this talk I will introduce the first tools, methods and statistics to compare hacking capabilites and assess the »cyber fighting power« of different actors.

Presenters:

  • Stefan Schumacher - Magdeburg Institute for Security Research
    Stefan Schumacher is the president of the Magdeburg Institute for Security Research and editor of the Magdeburg Journal for Security Research in Magdeburg/Germany. He started his hacking career before the fall of the Berlin Wall, on a small East German computer with 1.75 MHz and a Datasette drive. Ever since he liked to explore technical and social systems, with a focus on security and how to exploit them. He was a NetBSD developer for some years and involved in several other Open Source projects and events. He studied Educational Science and Psychology, has done a lot of unique research about the Psychology of Security with a focus on Social Engineering, User Training and Didactics of Security/Cryptography. Currently he's leading the research project Psychology of Security,focusing on fundamental qualitative and quantitative research about the perception and construction of security. He presents the results of his research regularly at international conferences like AusCert Australia, Chaos Communication Congress, Chaos Communciation Camp, DeepSec Vienna, DeepIntel Salzburg, Positive Hack Days Moscow or LinuxDays Luxembourg and in security related journals and books.

Links:

Similar Presentations: