Panel: Internet Wars 2007

Presented at DEF CON 15 (2007), Aug. 4, 2007, 5 p.m. (50 minutes)

Continuing our new tradition from last year, leading experts from different industries, academia and law enforcement will go on stage and participate in this panel, discussing the current threats on and to the Internet, from regular cyber-crime all the way to the mafia, and even some information warfare. In this panel session we will begin with a short introductory presentation from Gadi Evron on the latest technologies and operations by the Bad Guys and the Good Guys. What's going on with Internet operations, global routing, botnets, extortion, phishing and the annual revenue the mafia is getting from it. The members will accept questions on any subject related to the topic at hand, and discuss it openly in regard to what's being done and what we can expect in the future, both from the Bad Guys and the Good Guys. Discussion is to be limited to issues happening on the Internet, rather than this or that vulnerability. The discussion is mostly technological and operational in nature, although last year attendees chose to ask questions directing the discussion to the legal side of things. Participants are people who are involved with battling cyber-crime daily, and are some of the leaders in the security operations community of the Internet.


  • Paul Vixie - ISC
    Paul Vixie holds the record for "most CERT advisories due to a single author" which came primarily from his years hacking on BIND4 and BIND8. Later on he cut off the oxygen supply to his brain by wearing a necktie for AboveNet, MFN, and PAIX. At the moment he is President at ISC where his primary duty is to sign paychecks for the people who bring you BIND9 and F.ROOT-SERVERS.NET. He is also an occasional critic of just about everything (the blog: FM.VIX.COM).
  • Randy Vaughn - Baylor
  • Dan Kaminsky - IOActive
    Dan Kaminsky Dan Kaminsky is the Director of Penetration Testing for Seattle-based IOActive, where he is greatly enjoying having minions. Formerly of Cisco and Avaya, Dan was most recently one of the "Blue Hat Hackers" tasked with auditing Microsoft's Vista client and Windows Serve 2008 operating systems. He specializes in absurdly large scale network sweeps, strange packet tricks, and design bugs. Randal Vaughn teaches a variety of courses in Information Systems. Vaughn is a widely quoted expert in the areas of cyber warfare, cyber defense, and internet threat metrics and reporting. He is on the Board of Advisors for MI5 Security and an Academic associate for the AntiPhishingWorkingGroup. He is a member of Educause, the Society for Information Management (SIM), and the Association for Computing Machinery (ACM). His work has been published in several mathematics publications and he has authored white papers such as "Using PowWow in the Academic Environment" for Tribal Voice. Previously, Vaughn worked at Mobil Exploration and Producing Services, Inc. as a computer analyst for seismic processing support. Prior to that, he was the lead designer for Vought Aircraft's Group Technology Support Software, a component of the U.S. Air Force's Integrated Computer Aided Manufacturing project. He also served in the U.S. Air Force as a project engineer and database administrator. Vaughn's operating system experience includes legacy mainframe operating systems, Microsoft Windows, Linux, and Apple Mac OS and Mac OS X operating systems.
  • Dan Hubbard - Websense
    Dan Hubbard is the VP of Security Research at Websense and runs Websense Security Labs. He is responsible for all things security at Websense, including managing the Websense Security Labs that researches, analyzes, and reverse engineers malicious code, analyzes security trends, and provides research on malicious Websites and network protocols. Hubbard also defines security-related product features. He is the pioneer behind Websense's Web filtering database that supports its Security Group. Hubbard also acts as the company's security spokesperson
  • Thomas Grasso - FBI
    Thomas Grasso began working with computers in 1993 as a network administrator. In 1998 Mr. Grasso received an appointment to the position of Special Agent with the Federal Bureau of Investigation (FBI). After attending new agents training at the FBI Academy in Quantico, Virginia, Mr. Grasso was transferred to the FBI.s Chicago Field Office where he was assigned to the Regional Computer Crime Squad. In the fall of 2000, Mr. Grasso was transferred to the FBI.s Pittsburgh Field Office and assigned to the High Technology Crimes Task Force where he served as the FBI Liaison to the Computer Emergency Response Team Coordination Center (CERT/CC) at Carnegie Mellon University. Mr. Grasso is now part of the FBI.s Cyber Division and is assigned to the National Cyber-Forensics and Training Alliance (NCFTA) in Pittsburgh, a joint partnership between law enforcement, academia, and industry. Mr. Grasso is a 1991 graduate of the State University of New York at Buffalo, where he majored in Geological Sciences and minored in Music.
  • Andrew Fried - IRS
    Andrew Fried is a Senior Special Agent with the Treasury Inspector General for Tax Administration's System Intrusion and Network Attach Response Team (SINART). His organization is responsible for investigating computer security incidents involving the Internal Revenue Service. During his 17 year career with Treasury, he is credited with developing his agency's Computer Investigative Specialist (CIS) program, whose members are responsible for analyzing seized computers, as well as the SINART program, whose mission is to investigate computer intrusions and conduct pro-active network penetration testing. In 1986, while working at the Kennedy Space Center, he developed one of the first suites of software programs specifically designed for analyzing seized computers. His software was distributed, free of charge, to law enforcement agencies throughout the world.
  • Gadi Evron - Moderator
    Gadi Evron works for the McLean, VA based vulnerability assessment solution vendor Beyond Security as Security Evangelist and is the chief editor of the security portal SecuriTeam. He is a known leader in the world of Internet security operations, and especially in the realm of botnets and phishing as well as is the operations manager for the Zeroday Emergency Response Team (ZERT). He is a known expert on corporate security and espionage threats. Previously Gadi was the Israeli Government Internet Security Operations Manager (CISO) and the Israeli Government CERT Manager which he founded.


Similar Presentations: