NZITF & The first 48hours of Heartbleed, by Barry Brailey [APNIC 38]
NZITF & The first 48hours of Heartbleed, by Barry Brailey. A presentation given at APNIC 38.

Published in: Internet

  1. New Zealand Internet Task Force. Improving the cyber security posture of New Zealand. Barry Brailey, NZITF Chair
  2. Overview • Introduction • How the first 48 hours unfolded in NZ
  3. Who Am I? • Manager, Security Policy - .nz DNC • Chair – NZITF
  4. What is the NZITF? The New Zealand Internet Task Force is a non-profit with the mission of improving the cyber security posture of New Zealand. It is a collaborative effort based on mutual trust of its members
  5. April 7th 2014 – What happened • Note – it was already April 8th in NZ • An NZITF member posts to our list – ‘hey - is this a thing?’ • And then the international media and mailing lists start to ‘light up’ • On and off list discussion……
  6. Later that day….. • Gov’t agency – “we are assessing it now” (We are from the Government and we’re here to help) • Then………
  7. 24 hours later… • Morning of April 9th in NZ – still nothing from Gov’t or (surprisingly) any local media attention • NZITF Board member (eventually) says this is F*$%#D – we have to stand up a response
  8. NZITF Gets Busy…… • Plough through what is out there • Open a conf call to get members involved and assess the scale etc • Use members’ media/comms teams to alert the Media (but manage their story) • Get the right (simple) advice out • Establish that the NZITF site is the definitive source for NZ on this
  9. Test page and scanning • Get our own Test page up and start scanning for unpatched sites in NZ……. • STOP……..
  10. Section 252 - Accessing computer system without authorisation. Every one is liable to imprisonment for a term not exceeding 2 years who intentionally accesses, directly or indirectly, any computer system without authorisation, knowing that he or she is not authorised to access that computer system, or being reckless as to whether or not he or she is authorised to access that computer system.
  11. Avoiding Jail…. • Linked to Qualys Test • Shared details about who had patched • Follow up advice and media • Ongoing discussion about the law • One NZ MSSP stated that within first 48 hours 40% of their customer base had been scanned for Heartbleed
  12. During this…… • Tech company with a large customer base: “First time I have ever been truly pleased about being a Microsoft stack company” “we will publish a “we were not affected” statement” ………..sometime later……. • Where’s your ‘not affected’ statement? “I just finished checking with our vendors and suppliers!”
  13. So much Heartbleed! • OpenSSL everywhere and these are the first guys to do a decent code review……..
  14. Q&A info@nzio.org.nz barry@dnc.org.nz
  15. Improving the cyber security posture of New Zealand
