Alexandre Dulaunoy, from CIRCL, gave a keynote speech during the “IT Days: Security issues” conference in the afternoon on November 20th, in Luxembourg. He also participated in the morning on a panel titled “Security: Governance & Outsoursing”, with other security experts.
The title of Alexandre’s keynote was: “Why you are involved in the next governmental attack…”. He wanted to show that by connecting unsecure and/or misconfigured devices on the Internet, users often make it easier for attackers to take actions. He used the example of a concrete and real investigation in which a sophisticated malware attack was using different network levels through IPTV boxes.
Alexandre also stated the importance of sharing information about malware and attacks in order to help improving the counter-measures used against targeted attacks and set-up preventive actions (ref: MISP platform: http://www.circl.lu/services/misp-malware-information-sharing-platform/).