|
08:30 - 09:30 |
Registration |
|
09:20 - 09:25 |
Opening Remarks
|
|
09:25 - 11:10 |
Session 1: Understanding advanced cybersecurity attacks and ransomware landscape
This session aims for a better understanding of advanced cybersecurity attacks and ransomware landscape and implications on organizations from those attacks. Especially, it will identify key economic, cultural and regulatory implications on victim organizations from these attacks. It will also focus on overview about how those attacks are carried out and how organizations respond to them.
Session Chair:
Vasiliy Dolmatov (Russia) [ Biography ] -
NIST Cybersecurity Framework, Matthew Barrett, NIST [ Biography I Presentation ] (remote presentation)
- Global Internet security threat landscape 2018, Thomas Hemker, Symantec [ Biography I Presentation ]
-
Cybersecurity lessons from the 2018 Pyeongchang Winter Olympic Games,
Sangjin Oh, MSIT (Korea, Rep.of)
[ Biography I Presentation ] (remote presentation) -
Cybersecurity attacks and countermeasures, Yunwei Zhao, CNCERT/CC (China) [ Biography I Presentation ]
-
Ransomware threats: incident response best practices, Fyodor Skvortsov, Bi.Zone [ Biography I Presentation ]
-
Trends in Ransomware, Gavin Willis, UK National Cyber Security Centre [ Biography I Abstract I Presentation ]
|
|
11:10 - 11:20 |
Coffee Break |
|
11:20 - 13:00 |
Session 2: Advanced cybersecurity attacks and ransomware attack scenarios
This session will investigate details about how advanced cybersecurity attacks and ransomware attacks are conducted. It will also address how cybersecurity information about those attacks could be shared among incident response organizations. It will focus on how those attacks infect computers in organizations, e.g., through an e-mail or compromised websites, and what those attacks do when they infect computers. In addition, it will investigate the past biggest attacks, such as CryptoLocker, WannaCry, that took place in 2017. It will provide how ransom is paid to attackers (e.g, through Bitcoin) and which ways organizations could choose to best recover data.
Session Chair: Juan Gonzalez (US)
-
OASIS STIX, and CTI, Bret Jordan, Symantec [ Biography I Presentation ]
-
Applying STIX to Intelligence Teams, Chris O'Brien, EclecticIQ [
Biography I Presentation ]
-
The Lessons and Challenges of WannaCry Ransomware,
Sang Myung Choi, Hauri (Korea, Rep.of)
[ Biography I Presentation ] -
Fragile like a bomb - Zero-day used for targeted attack in the past year, Ella Yu, 360 Technology (China)
[ Biography I Presentation ] -
Ransomware in targeted attacks,
Orkhan Mamedov, Kaspersky Lab [
Biography I Presentation ]
|
|
13:00 - 14:00 | Lunch Break |
|
14:00 - 15:30 |
Session 3: Technical, organizational and administrative countermeasures
This session will share existing/ongoing practices by individual users, public/private organizations, service/solution providers and regulators to counter advanced cybersecurity attacks and ransomware, and identify holistic solutions including technical, organizational and administrative countermeasures.
Session Chair: Arnaud Taddei (Symantec) [ Biography ]
-
Countering ransomware threats with ITU-T standards and CYBEX, Youki Kadobayashi, NICT (Japan)
[ Biography I Presentation ] (remote presentation) -
STARDUST: large-scale infrastructure for luring and monitoring cyber adversaries, Yu Tsuda, NICT (Japan) [ Biography I Presentation ]
-
Botnet C&C detection based on deep learning, Junzhi Yan, China Mobile (China) [ Biography I Presentation ]
-
Unknown threat detection - the key ability of APT defense,
Tian Tian, ZTE (China) [ Biography I Presentation ]
-
Towards a mature cyber threat intelligence practice, Richard Kerkdijk, ETIS [
Biography I
Abstract I Presentation ]
|
|
15:30 - 15:45 |
Coffee Break |
| 15:45 - 17:15 | Session 4: Panel discussion – Future directions on cybersecurity standardization activity
This session will identify future directions that ITU-T SG17 needs to analyze/review and stakeholders with whom SG17 will collaborate in the future, and discuss potential ways forward to develop International Standards with specifications of countermeasures which could be used to protect from advanced cybersecurity attacks and ransomware attacks and what are the gaps which need to be filled for these countermeasures.
Session Chair: Jong-Hyun Kim (ETRI) [ Biography ]
|
