SecTor Features Snowden Appearance, Call to Secure All the ‘Things’

At the 10th annual SecTor security conference, Edward Snowden made a virtual appearance. Here’s a look at some of the other highlights from SecTor.

The SecTor conference was first held in Toronto in 2007 and was started by founders Bruce Cowper (left) and Brian Borne (right).

At SecTor, Edward Snowden provided a grim estimation of the current state of IT security. “Offense has greatly surpassed defensive capabilities,” he said.

Mikko Hypponen, chief research officer at security firm F-Secure, provided insight into the growth of ransomware. One of the ways that ransomware has grown is by way of a franchise model, where ransomware capabilities are offered as a service. “Outsiders that couldn’t program their way out of a paper bag can run a ransomware franchise,” Hypponen told the SecTor attendees.

One area of increasing security concern lately has been the internet of things (IoT). At SecTor, attendees were encouraged to learn about and attempt to exploit IoT devices.

SecTor isn’t just about digital security; it also provided an opportunity for attendees to learn about physical security and lock picking.

Security researcher Allan Stojanovic from the University of Toronto detailed a number of security pitfalls and issues surrounding the use of next-generation IPv6. Among the issues he identified is the difficulty in scanning the IPv6 address space.

Kubernetes is an increasingly popular container orchestration system, but it has a few security pitfalls, which Matt Johansen, director of security at Honest Dollar, detailed in a SecTor session.

WiFi for the SecTor conference was provided by zscaler, which also gave attendees a look at how the network was being used. On the first day of the event, the dashboard reported 34 instances of spyware that were calling back their control node using the SecTor network.