Keynote Sessions 2014
Dr. Nirmaljeet Singh Kalsi (Joint Secretary, Ministry of Home Affairs, Government of India)
Topic : Social Media and National Security
Dr. Nirmaljeet Singh Kalsi is working as Joint Secretary to Government of India, Ministry of Home Affairs at New Delhi. He was looking after the matter relating to the Centre-State relations till 2010. Presently his main responsibilities include management and deployment of Central Armed Police Forces (CAPFs), namely CRPF, BSF, CISF, ITBP, SSB, Assam Rifles and NSG. He is also responsible for Cyber Security and Information Security as Chief Information Security Officer, MHA and various projects related to Information & Communication Technology.
Alok Vijayant (Director, Cyber Security Operations at NTRO, India)
Topic : Managing Cyber Warriors : Preventing Cyber Naxalism
Alok Vijayant is Director, Cyber Security Operations at National Technical Research Organisation (NTRO) - India's premier scientific organization under the National Security Advisor in the Prime Minister's Office. It was set up in 2004 and also includes the National Institute of Cryptology Research and Development (NICRD), which is first of its kind in Asia.
Shri. Arvind Gupta (National Head : Information Technology Cell BJP)
Topic : Need of Indigenous Infrastructure
Sh. Arvind Gupta is the head of the Bharatiya Janata Party's IT division.
Amit Sharma (Joint Director, DRDO, India)
Topic : Cyber Weapons and Advanced Threats to National Security
Amit Sharma is currently serving as Joint Director in the Office of the Scientific Advisor of Defence Minister, Defence Research and Development Organization (D.R.D.O), Ministry of Defence, Government of India. He has worked in the field of Information Security, Information warfare, Strategic Information Dissemination Systems, Net Centric Warfare, C4I2SR systems and Secure and survivable networks. For his work on cyber terrorism and national security issues, he was awarded Commendation Letter by the Chairman of the Standing Committee on Defence in 2009. He was awarded dissertation prize for his monograph "The Art of Cyber wars" at the UK Defence Academy in 2009. He is also Awarded Special Award for Strategic Contribution for the year 2012 by Hon'ble Defence Minister.
Technical Speakers 2014
Tracking a Cyber Espionage Group
Speaker : Rahul Sasi (fb1h2s) is working as a Security Researcher for a Global Research firm. He has authored multiple security tools, advisories and articles. He has been invited to speak at various security conferences like BlackHat, Cocon, Nullcon , HITB , EKoparty, CanSecwest, HITCON.
Session Abstract : The talk would be based on our analysis on an APT Teams specialized in targeting government contractors . We would explain in our talk how we traced the attackers, identified their infrastructures, tools they used to attack their targets. The talk would help people understanding the e-crimes that are related to cyber espionage and how the culprits could be tracked. Since the attackers mainly target government and private tendering, we would explain the many ways organizations could stop such attacks. The targeted audience of the talk would be Antivirus companies, Corporates , IT security professional, or cyber cells. The talk would help understand the various e-crime units targeting multiple nations.
Hacking Consumer Electronics For Fun
Speaker : Atul Alex Cherian loves playing the guitar and swears by the abusive tolerance of Perl. In his free time, he loves to break open things and
look around. He's also part of the crew behind 'MalCon : The International Malware Conference'. Alex routinely speaks at security conferences including MalCon, ClubHACK, Nullcon, Hack.lu, Ground Zero Summit etc & has over 11 years of programming experience.
Session Abstract : We are surrounded by electronic devices which seem straight forward but are infact much more complicated underneath.Today, 'connectivity' has become a 'mantra' of sorts & almost every electronic device we own is capable of it.This is where the the real trouble starts. We've all heard the phrase 'A chain is only as strong as its weakest link' & this gathers a whole new meaning when it comes to personal security, when almost every consumer electronic device is connected to your internal home network. This talk will focus on techniques that can leverage these devices as attack vectors with appropriate case-studies.
"Let Me In" Password Cracking Case Study
Speaker : Samir Datt (Certified Disk Duplication & Computer Forensics Specialist, USA) is CEO of Foundation Futuristic Technologies(ForensicsGuru.Com). He is Certified Disk Duplication is Computer Forensics Specialist from USA with 25+ years of experience. He has worked closely with various Government Agencies to assist in investigation cases involving digital evidence.
Session Abstract : The talk will discuss the problems involved in lawful password cracking, the different approach and will end with case study.
Steno.io - Steganography Web Application
Speaker : Gregory Alvarez Garcia (Goswell - France) has been using computers since he was 3 years old and he learned to program when he was 8. He speaks fluently French, Spanish and English. During his childhood, his father taught him electronics, robotic and IT. He is specialized in security and has worked for the government with a security clearance. His languages are C, Python and Bash. He plays guitar, practices martial arts, basket ball and climbing.
Session Abstract : Steno.io brings encryption to a next level: on a piece of paper. It uses the Puzzle algorithm to generate a secure relation between two sets of words based on a password. The words in the message are then replaced by their corresponding ones in the other set (a dictionary). By having a ciphertext composed of words, Steno.io is able to hide the message in the massive amount of information that is internet. But its best advantage is when wrote down on a paper, it can evade any electronic surveillance.
Hacking Telecom system via RF and Core Network Access
Speaker : Akib Sayyed is currently working as Telecom security researchers and auditor. He has presented his research paper at NullCon 2012 and c0c0n 2014.
Session Abstract : This talk focuses on Hacking Telecom system via RF and Core Network Access. Hacking Using RF interface: Now a days it is easy to get hands on RF interface using Software defined Radios. Using these Radio one can eaisly listen , inject data into wireless communication. in this part I shall explain in short about ways to use SDR to hack wireless communication. Hacking Core Network (SS7): Signalling system 7 is a core backbone for Telecom Operator for Call Establishment ,billing ,routing ,information exchange etc. SS7 it a very critical infrastructure of Telecom network. It is assumed to be secure by operator as only trusted operator have access to it. But recent research shown that ss7 is vulnerable to different types of attack.
Vulnerability Assessments on SCADA: How I 'owned' a Critical Infrastructure
Speaker : Fadli Bin Sidek (Security Consultant, BT Global Services - Singapore) is a security consultant by day and a bookworm by night, Fadli works at BT as a penetration tester and has a huge passion in security. He graduated from Murdoch University, Australia with a Double Majors Degree in Cyber Forensics, Information Security Management He has spoken in security seminars around the world.
Session Abstract : Critical Infrastructure security has been on the news and the talk of the town since 2005. While there are many talks and demonstrations about how to penetrate and exploit SCADA systems, little discussions about the pre-exploitation phase were shared and discussed. I'm talking of course about the Vulnerability Assessment phase. Some may have performed such assessment before and many are curious as to how to start it in the first place. Questions like, what are the methodologies used in performing an assessment on SCADA networks? What information is required before we click the 'Start Scan Now' button? What plugins should be used? And do my scans guarantee that these ultra sensitive systems will not go down? And which approach (automatic or manual) should be used in which situation. This talk is to share my personal experience and challenges faced during a SCADA assessment. I will also give an overview of a typical SCADA environment, the tools used for the assessment, the type of vulnerabilities found and how easy it is for an attacker to potentially 'own' the Power Grid.
Who Put the Backdoor in My Modem??
Speaker : Ewerson Guimaraes (Security Analyst, Ibliss Intelligence and Security - Brazil) is a Security Analyst and Researcher at Ibliss Intelligence and Security. He has published articles in the Brazilian Information Security/Computers magazines H4ck3r,GEEK and H2HC Mag , moreover, posted exploits and advisory on SecurityFocus found in big companies like: IBM, McAfee, Skype, Technicolor, Tufin, Trend Micro and others. Contrib to develop some modules to Metasploit Framework Project. He is Founder of BHack Conference and Area31, the first hackerpsace in Minas Gerais.
Session Abstract : Ewerson's session will focus a backdoors found on the modem/router, equipment that has a big question mark on top of it, because there isn't a vendor identification and no information about who's its manufacturer and there are at least 7 companies linked to its production, sales and distribution in the market. Moreover, some of them never really existed. Which lead us to question on the research
OH Crash! Whatsapp Messenger DoS Attack
Speaker : Ashwin Thawrani and Rajat Agarwal are Security Enthusiast, who have interest in testing Instant messaging Application. They have a lot of interest in learning advanced Ethical hacking.
Session Abstract : While browsing several features of WhatsApp messenger and chatting with our friends, we found a bug or you can say an exploit technique in WhatsApp messenger to freeze or decrease the performance of the receiver's mobile phone or tablet. In this session, Ashwin and Rajat will demonstrate DoS attack on Whatsapp Messenger for iOS, Android on various Handset models.