UK Cyber Week - Day One

I attended UK Cyber Week on April 17th and 18th 2024, here's my overview of day one.
I arrived a bit late but, thankfully, hadn’t missed anything. The first keynote speaker was the UK Lead Investigator from the National Crime Agency, providing some insights into the LockBit operation. One of my favourite aspects of hearing about operations run by the NCA and other policing agencies is that good news is no news. You never know quite how much is going on behind the scenes because not hearing about it is a good thing. The UK Lead Investigator discussed how the NCA dismantled the LockBit operation, and although the website has come back up, the rate at which victims are appearing on there has dropped to approximately 20% of the original speed.
Following this brilliant, insightful talk, I caught Charlie Milton at the Prevention and Resilience section. Charlie, VP of Strategic Alliances at Censornet, talked about balancing user experience with cloud security. He mentioned the number of cloud applications companies are utilising, which most of us wouldn’t be able to name. On average, companies have approximately 335 cloud-based applications running on their servers. Charlie went on to state that you could probably name up to around 20 of these before drawing a complete blank. He then posed the question, "If you don’t know what the other 315 applications are, what are you doing to protect yourself from the dangers/risks they hold?" Charlie continued to speak about software that Censornet can provide, which can discover, analyse, and alert based on the cloud-based applications running on a specific endpoint. Some very interesting stuff to help get a greater understanding of what is happening on your servers.
Following this, Luke Griffiths gave a brilliant talk on Information Security Management: Considerations for the Future. This talk really highlighted the importance of going the extra mile when thinking about frameworks. Naturally, the use of ISO and NIST frameworks is important, but if you’re not tailoring the use of these to your business vertical, then it’s not going to be as valuable as you may think. An overview of this talk is to always be prepared, including practicing responses to issues.
The next talk was possibly one of my favourites from Day One. Kevin Mitchell, Senior Automotive Security Tester, delivered a talk on Cracking the Code: Hijacking Phone-as-Key Systems in Vehicles via BLE DoS Exploits. As stated in the title, this was a talk on how Kevin discovered an issue with some phone-as-a-key services among car manufacturers. I don’t remember all the technical details, but the overview was that you can scan the Bluetooth Low Energy chip within the car and send the Bluetooth authenticator into a loop where it is attempting to authenticate but failing, which eventually would crash, making the chip shut down and therefore invisible to the owner's actual phone-as-a-key authenticator. The CVE details will soon be released but aren’t quite out yet.
Further into the afternoon, there was a talk titled "......Hackers Don't Bother with People Like Me" from Danni Brooke, a former police intelligence expert, and Ben Owen, a former military intelligence expert, who is also known for hosting the TV show Hunted. This talk looked at the ease with which someone can obtain data from you. This talk particularly resonated with me, as it echoed themes from Kevin Mitnick’s The Art of Invisibility, a book that explores a similar landscape of digital security and privacy.
We finished up Day One with a talk from Ciaran Martin. Ciaran is a very impressive individual, most notable to me as the first CEO of the National Cyber Security Centre (NCSC). On top of this, Ciaran served as the Head of Cyber Security at GCHQ. Ciaran’s talk, The Major Trends Driving Our Cyber Security, took a look at the Top 5 Security and Network Threats followed by the Top 5 Geopolitical Threats, providing some serious insights and really opening my eyes to the importance of geopolitics in the world of cyber.