First day of Internetdagarna ’08

Back from the first day of Internetdagarna ’08 (The Internet Days) where I followed the IT-security line of seminars.

So what did I get home with me, apart from the orange swag-bag above, from the different seminars?

The first seminar was “Hotbilden – organiserad brottslighet, cyberterrorism och industrispionage” which translates to something like “The threat landscape – organized crime, cyberterrorism and industrial espionage” and was moderated by security interested journalist Tomas Gilså from Techworld. The participants were Tomas Djurling (DSI), Vesa Virta (FRA), Svante Nygren (KBM) and Stefan B Grinneby (SITIC).

First a presentation was held by Tomas Djurling which discussed the different threats against swedish companies and organizations and where those were coming from. Tomas is a former FRA employee and as such the seminar was a bit colored by international military and paramilitary threats. He also said that Islamistic terrorists are getting funding through internet crimes such as CC stealing botnets and so on. No references were given during the presentation and this was new to me (!) so it’ll be interesting to see if this is going to be discussed further in the industry (and if its true). Of course, if FRA is his source we will never know as their business are classified.

After his presentation there was a moderator lead debate in which the audience could submit questions on paper notes. I’m not going to comment on what was said here at this time but there was some interesting things discussed. The sound recording of this debate will be published later and I need to get some facts straight before commenting on what was said here.

The next seminar was “Incidenthantering i praktiken” which in english is “Practical Incident management” and was moderated by Anne-Marie Eklund Löwinder from .SE. Three speakers participated and those were Stefan B Grinneby (SITIC), Annica Bergman (Dataföreningen) and Michael Anderberg (Microsoft).

Stefan from SITIC talked about practical incident management under the theme “Incident management, firefighting or oil sanitation” and it actually worked It was a good introduction to the process of both preparing for incidents and practical hints on what to do in case of an emergency. His presentation was very clear and it made me want to steal parts for my seminars We’ll see about that though

Annica Bergman from Dataföreningen talked about a large scale incident that took place in the beginning of 2008, when the hacker group “Vuxna Förbannade hackare” broke in to their member services using SQL injection attacks and stole their whole member list (26000 members) including e-mail addresses and passwords. These details were later published on Flashback with a huge media storm as a result. She described the 90 days following the incident and discussed what her experience had been like and it was interesting listening to it. I wrote about another intrusion made by this group in this post.

Michael Anderberg from Microsoft talked about SDL (Secure Development Lifecycle) and how it’s applicable not only to software development, but also to incident preparation and management with CodeRed/Nimda as examples. For those interested he also gave a reference to this book as a source of additional information.

Last but not least were “Debattt: Utmaningarna” which translates to “Debate: The challenges” which was a debate about what the internet would look like in the year 2020 policy- and security-wise. The participants were Jan Kallberg (legal expert, also debate moderator), Nicklas Lundblad (Policy Manager, Google Europe) and Kurt-Erik Lindqvist (CEO Netnod).

This seminars started out with all speakers takign turns to present their primary views on how the internet would look like and what implications that might have in the year 2020 (12 years from now).

After this there was a moderator lead debate in which the audience also got to pose questions or statements that the panel commented on. The debate was both entertaining, informative and extremely straightforward. A lot of the discussions were either directly or indirectly relating to the surveillance debate we are seeing all over the world and it was great to see the panel tackle both the philosophic angle and the practical angle of this. This was, for me, the most intellectually stimulating seminar of all. Great perspectives presented by great thinkers.

Tomorrow Internetdagarna ’08 continues and I’ll be back with more information.

Here are a few of the photo’s I took during the day (didn’t take many, focused on listening;) ):

Internetdagarna ’08 posters

My colleague Rickard Uddenberg (Marketing Manager, Panda Security)

A Free Software Foundation rep. that also gave me a tip of gNewsense (the really free (as in freedom) Linux distribution)

The Free Software Foundation poster behind him…

The World Internet Institute (The Swedish part of World Internet Project) poster.