Speakers
Chair
Maria Bada
Research Associate, Cambridge Cybercrime Centre, Cambridge Computer Laboratories, Cambridge University
Maria Bada is a Research Associate at the Cambridge Cybercrime Centre, at the Computer Laboratory of Cambridge University. Within this role her research focuses on the human factor in cyber crime, studying the profiles, pathways and psychologies of cyber criminals. Additionally, she is looking at the social and psychological impact of cyber-attacks and the effectiveness of cyber security awareness campaigns trying to identify factors which potentially lead to failure of these in changing the information security behaviour of consumers and employees. She is a member of the National Risk Assessment (NRA) Behavioural Science Expert Group in the UK, working on the social and psychological impact of cyber-attacks on members of the public. Moreover, she is a member of the Steering group of the London Digital Security Centre, launched by the Mayor of London as a joint venture with the Metropolitan Police and City of London Police, and a member of Europol EC3. She is a member of the British Psychological Society and the British Counselling Society.
Presentations
Winston Krone
Managing Director of Kivu Consulting, Kivu Europe
Winston Krone is the Global Managing Director of Kivu Consulting, an international technology firm specialising in the forensic response to data breaches and proactive IT security compliance and risk reduction. Winston has handled hundreds of incidents globally in healthcare, professional services, education and financial institutions. He has frequently testified as a cyber expert in post-breach litigation – including as expert for Uber in their 2015 data breach, and as an expert for Apple in multiple class actions alleging privacy violations – and has presented his findings to regulators in the US and UK. Winston is both an English solicitor and California attorney, receiving his law degree from Oxford University. Since 2017, Winston has been based in Amsterdam, supervising Kivu’s EU operations, and working with the London insurance market on innovative risk reduction solutions.
About Kivu: With offices in the US, Canada, London and Amsterdam, Kivu is a pre-approved cyber forensics vendor for all leading North American and European insurance carriers, with a particular expertise in ransomware and cyber extortion.
Trends in Hacker Business Models: Lessons from Negotiating with Extortionists
Kivu has over four years’ experience negotiating with attackers in over 700 cyber extortion engagements. While traditional extortion risks are typically focused on negotiating size of the demand (once the criminals have provided “proof of life” or confirmed their ability to cause damage), negotiating with cyber extortionists, and assessing the merits of paying ransoms, involve unique variables including: (i) ability of hackers themselves to assist in recovery of the victim’s data or network; (ii) global variety of cyber attackers’ motivation, languages, cultural differences, and own risk appetite (iii) collateral and unintended damage caused by cyber attackers which may negate the value of paying ransoms; (iv) the diverse cyber criminal ecosystem whereby amateur “grey hats” rub shoulders with organised criminal gangs; and (v) the possibility of hackers triggering further damage or that extortion may mask a secondary, more damaging cyber-attack. This presentation will review current attack models and attacker profiles, and negotiation pitfalls; how hackers and their methodologies have changed over the last four years, leading to changes in assessing the risks in responding to cyber extortion; past, current and prior motivations for hackers involved in cyber extortion; how the cyber extortion ecosystem may evolve in the face of geopolitical changes, law enforcement priorities, pressure from the private sector/insurance markets, and developments in investigatory tools and cryptocurrency.
Dr Gordon Woo
Catastrophist, Risk Management Solutions
Dr Gordon Woo is an internationally recognised expert on risk management, with a particular focus on man-made catastrophe risks. In 2004, Newsweek magazine described Dr Gordon Woo as one of the world’s leading catastrophists. He has 30 years of experience in catastrophe risk consultancy, advising financial institutions, governments and major corporations.
His involvement in cyber risk extends back a decade to April 2009, when he was invited to address the Singapore Island Forum, organised on behalf of the Singapore government, focusing on cyber risk. Since then, he has researched extreme cyber risk using the framework of counterfactual risk analysis, which he pioneered for terrorism.
A top mathematics graduate at the University of Cambridge, he completed his PhD at MIT as a Kennedy Scholar, and was a member of the elite Harvard Society of Fellows. He also has a postgraduate Cambridge degree in computer science.
He is an adjunct professor at Nanyang Technological University, Singapore, and a visiting professor at University College London. He is the author of two books published by Imperial College Press: The Mathematics of Natural Catastrophes and Calculating Catastrophe. He is also a co-author of Solving Cyber Risk, published by Wiley.
Game Theory Approaches to Understanding Future Strategies of Cyber Threat Actors
From amateur juveniles to elite state-sponsored groups, hacking is an adversarial contest over cyber security. The challenge for any cyber threat actor is the same: to pursue a strategy to maximise their objectives, subject to the defensive strategies of their targets. As these strategies change, so the threat shifts accordingly. This adversarial contest defines a game, and a general conceptual framework is provided by game theory. Applications of game theory to cyber security are reviewed, and the future implications for collective cyber security discussed.
Mike Jones
Security Researcher
Mike Jones (sting3r) has a background in cryptology. He has performed numerous penetration tests for various industries such as the Department of Defense, major financial institutions, casinos, telecoms, and various others. Mike has developed exploit techniques both network and app-based as well as physical. The experience Mike has had has been on both sides of security, being a long term member of various hacking groups and APT nation-state groups. His experience was refocused to helping industries protect themselves. The key to a good defence is to know who you’re defending against.
Journey from Black Hat to White Hat: The Psychology, the Tactics and the Future of Cyber Crime
What lead me into a life of paranoia, fear and interaction with law enforcement. The journey from the dark into a life of giving back and helping prevent others from making the wrong cyber choices.