This document summarizes a presentation given by Raoul Chiesa on critical infrastructure attacks. It discusses the evolution of hi-tech crimes in the 21st century, including various types of hackers and their motivations. It then focuses on critical national infrastructures, describing common types and providing examples of security incidents that have impacted systems like SCADA. The presentation highlights issues found in securing these infrastructures and concludes by discussing potential solutions like security training programs.
The document discusses challenges and opportunities around measuring social impact for social enterprises. It describes different approaches to social impact measurement including SROI (Social Return on Investment) and impact dashboards. The document also presents examples of how organizations can communicate their social impact performance through standardized profiles that integrate financial and qualitative impact metrics. Developing better social impact data and measurement is presented as key to connecting capital to outcomes and facilitating social change.
W001 - World Visions
Orario 09.30 – 13.00
Sala 4
TECHNOLOGIES, PARTNERSHIPS & BUSINESS MODELS
Developing new value-added services in the navigation markets
A discussion of social media marketing approaches & tools, supported by real world examples of successful (and failed) marketing campaigns.
Presented by Colin Crook of Voce Communications and Amy Ganderson of The Nature Conservancy
The document discusses network intrusion detection and anomaly detection from a research perspective. It describes using network processors to develop a device that can perform high-speed packet capturing, timestamping, and processing. The device is used to build a traffic measurements system that can analyze traffic at wire speed and online to accurately characterize network traffic.
The document discusses challenges and opportunities around measuring social impact for social enterprises. It describes different approaches to social impact measurement including SROI (Social Return on Investment) and impact dashboards. The document also presents examples of how organizations can communicate their social impact performance through standardized profiles that integrate financial and qualitative impact metrics. Developing better social impact data and measurement is presented as key to connecting capital to outcomes and facilitating social change.
W001 - World Visions
Orario 09.30 – 13.00
Sala 4
TECHNOLOGIES, PARTNERSHIPS & BUSINESS MODELS
Developing new value-added services in the navigation markets
A discussion of social media marketing approaches & tools, supported by real world examples of successful (and failed) marketing campaigns.
Presented by Colin Crook of Voce Communications and Amy Ganderson of The Nature Conservancy
The document discusses network intrusion detection and anomaly detection from a research perspective. It describes using network processors to develop a device that can perform high-speed packet capturing, timestamping, and processing. The device is used to build a traffic measurements system that can analyze traffic at wire speed and online to accurately characterize network traffic.
This presentation discusses overcoming the digital divide and its relationship to health disparities. The digital divide prevents disadvantaged communities from achieving important goals and mirrors social determinants of health like geography, race, income, and language. Both the digital divide and health disparities are influenced by factors such as lack of access in rural and low-income urban areas, as well as language, age, education level, and disability status. Bridging the digital divide is essential for improving health disparities, as technology and health providers increasingly intersect. Leadership, relevant content, community-based approaches, targeted strategies, and long-term sustainability are needed to overcome disparities.
Focusing on Approach & Outcomes: A hands on discussion of various social media marketing approaches & tools, supported by real world examples of successful (and failed) marketing campaigns.
Colin Crook, of Voce Communications, presents a practical understanding of how to conduct, measure, and monetize their Web-based marketing
Making Sense of Social Impact Investing Webinar - 11/1/10
Acronyms like IRIS, GIIRS, SROI, B Corp, Pulse, Social E-valuator - do you know what they mean?
They are all part of an emerging ecosystem of social impact measurement tools and practices .... But how they relate and what it all means for your organization's need to prove impact is murky.
Join nonprofit expert Paul Lamb and impact management guru Sara Olsen as Paul interviews Sara about what the alphabet soup spells for mission-driven organizations and funders.
Funding Your Social Enterprise: Approaches & Resources for NonprofitsMargaret Stangl
The document discusses various approaches and funding resources for social enterprises and nonprofits, including loans from community development financial institutions, program-related investments from foundations, and mission-related investments that align with a foundation's goals. It provides examples of specific social enterprises, their models and financing approaches. The webinar addresses common questions around accessing capital through grants, debt, and equity.
Crowdfunding leverages the power of the online crowd to raise money for charities and start-up businesses. This webinar provides an overview of the latest fundraising trend called "crowdfunding."
Three leading crowdfunding experts and innovators as they discuss crowdfunding models and how nonprofits and social enterprises can raise money and gain greater exposure through these web-based platforms.
Colin Mutchler is the Co-Founder of LoudSauce, Josh Tetrick is the founder of 33Needs and Tom Dawkins is co-founder of StartSomeGood.
ZeroDivide set out to identify the key barriers to increased philanthropic investment in nonprofits' use of technology, recognizing there is tremendous interest and need by organizations based in underserved communities.
This project builds on the findings of previous studies, while contributing unique aspects to the conversation.
Download the full report http://bit.ly/gbM7AU
Mobilizing Communities in a Connected Age Funders EditionMargaret Stangl
The Mitchell Kapor Foundation and ZeroDividel share learnings from a recent report “Mobilizing Communities in a Connected Age.” Joined by staff from Color of Change and Netroots Nation, discover how philanthropic and nonprofit organizations are collaborating to use new technology tools to expand outreach, foster constituent loyalty, drive revenue, increase operational efficiencies, and spur innovation.
Antennas: the key to your wireless application Harald Naumann Round SolutionsGoWireless
The document discusses various topics related to embedded monopole antenna design including benefits, drawbacks, tuning, interference issues, ground plane size requirements, and selecting the right antenna partner. Key points include that monopoles have small size but require a reasonably sized ground plane, components nearby can interfere, and working with an expert partner can help minimize risks and tune the antenna design.
Raoul Chiesa Hacking A Impianti IndustrialiGoWireless
This document discusses security issues related to industrial automation and critical infrastructure. It begins with an introduction of the speaker and their background working in these environments. Several examples of past security incidents are described, such as the Whatcom Falls Park pipeline rupture caused by a SCADA system failure. Technical attacks against these systems are similar to traditional IT attacks like password guessing or exploits. However, the consequences of failures or attacks can be far more severe given the life-critical systems involved. In conclusion, the history and perspectives of industrial automation security differ significantly from traditional IT/ICT security, and standards exist but must be followed carefully given the risks.
This document discusses issues of trust as it relates to technology and society. It covers how trust underlies civilizations and how various technological developments from writing to the internet have both increased and challenged trust over time. It examines specific issues like network security threats, software safety, and privacy of personal data. The document argues that trustworthy systems and practices are important for democratic societies and that European policies need to nurture democratic values in the digital age. It outlines the EU's legal framework around data protection and privacy technology. Finally, it discusses the goals and activities of the RISEPTIS advisory board, which aims to provide guidance on security, privacy, and trustworthiness research and policy challenges.
Cybercrime, cyber war, infowar - what's this all about from an hacker's persp...ClubHack
The document is a presentation on cybercrime, cyberwar, and information warfare. It was presented by Raoul Chiesa and Jart Armin at Club Hack 2010 in Pune, India. The presentation covers the evolution of cyberattacks from cybercrime to cyberwarfare. It discusses concepts like hacktivism, nation-state attacks like those experienced by Estonia and Georgia, and the blurring lines between hackers, cybercriminals, and intelligence agencies. The presenters aim to introduce new concepts and frameworks for understanding next-generation cyber threats and information warfare in the digital era.
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
The document discusses security issues in the telecommunications industry based on the speaker's 10 years of experience penetration testing telecom operators. It notes that telecom vendors sell insecure systems, operators lack security expertise, and sophisticated hackers are increasingly targeting telecom networks. The speaker describes how they were able to hack into 100% of operators via web apps and 90% via other access points. The document argues the industry has a 'head in the sand' approach that leaves critical infrastructure at risk.
UN/ITU - Organisational Structures and Incident Management - CybersecurityDr David Probert
In-Depth Presentation for the Cybersecurity Workshop that was Jointly Organised by the UN/ITU and CITEL in Salta City, Argentina - November 2010. The presentation focuses on the implementation of the recommended UN/ITU (International Telecommunications Union) Global Cybersecurity Agenda and the importance of CERTs (Computer Emergency Response Teams)
The document discusses cyberterrorism threats to critical infrastructure systems like power grids. It describes how terrorist groups could target these systems through cyber attacks, giving examples of botnets being used to overwhelm networks with denial of service attacks. The document also examines the challenges of attribution and response to such attacks since terrorist networks operate asymmetrically online. It argues strong cybersecurity defenses and ability to trace attacks are needed to counter potential cyberterrorism.
The document summarizes a meeting on future internet forum held in Dublin, Ireland on December 3, 2009. It discusses ongoing research in areas like security in network and service architectures. It recommends priority areas for trustworthy ICT like securing networks and infrastructures, managing identity and privacy, and enabling technologies. The document also proposes international cooperation actions between the EU and countries like the US, Japan, and others on topics related to dependability, security and trust.
SPEEDA INSIGHTS_Market Prospects for the Security IndustryKyna Tsai
The document discusses market prospects for the security industry. It notes that demand for both information and physical security is growing due to factors like crime prevention, anti-terrorism efforts, and disaster prevention. Information security issues are expanding beyond hardware protection to include massive data networks and personal information, while physical security now covers a wider range of objects like home electronics and vehicles. Emerging technologies like the Internet of Things (IoT) and artificial intelligence (AI) will play important roles in security solutions by enabling the connection and monitoring of more devices and allowing automated analysis of data. The global information security market has grown significantly in recent years and is expected to continue expanding, while the physical security market is also growing rapidly driven by increasing demand for surveillance
Jim Clarke, Waterford Institute of Technology, IRELAND: Session Introduction FIA2010
This document summarizes the agenda for a session on "Privacy and Citizenship" that took place on December 16, 2010. The session focused on two main topics: 1) user/citizen issues related to privacy and 2) the economics of privacy. It included keynote speeches from experts in privacy and data protection, followed by a panel discussion on each topic with experts from research institutions and industry. The goal of the session was to have an open discussion around balancing privacy, innovation, and citizens' rights on the future internet.
This document provides an overview of the Internet of Things (IoT). It discusses the history and development of IoT from 1997 to present day. Key points covered include the extraordinary benefits of IoT such as status updates, diagnostics, upgrades, control/automation, and location mapping. The document also addresses security and privacy challenges with collecting and sharing personal data through connected devices. Example applications of IoT highlighted are in manufacturing, infrastructure, transportation, healthcare, and media/advertising. The future of IoT is predicted to focus on enterprise, home, and government sectors, with enterprise being the largest at an estimated 9.1 billion devices by 2019.
The document discusses the results of a study on the security of UK home Wi-Fi networks. Some of the key findings include:
- Nearly 40,000 home Wi-Fi networks were identified as being "high-risk" and vulnerable to hacking within 5 seconds due to a lack of encryption or weak security settings.
- The majority (82%) of people mistakenly believe their home network is secure, even though nearly a quarter have no password. Hackers can breach typical passwords in seconds.
- Only 4% of people know for certain their network has been used without permission, indicating most are unaware if their network has been accessed illegally.
- 18-24 year olds are the most
Micro and nanotechnology to enhance the physical security of credentials and ...Bilcare Research
"Micro and nanotechnology to enhance the physical security of credentials and products"
Presented by Adrian Burden from Bilcare Research, NonClonable Security Technologies. This was presented at Queen Elizabeth II conference Centre, Westminster, London UK, dated 8-10 of February 2010.
This presentation discusses overcoming the digital divide and its relationship to health disparities. The digital divide prevents disadvantaged communities from achieving important goals and mirrors social determinants of health like geography, race, income, and language. Both the digital divide and health disparities are influenced by factors such as lack of access in rural and low-income urban areas, as well as language, age, education level, and disability status. Bridging the digital divide is essential for improving health disparities, as technology and health providers increasingly intersect. Leadership, relevant content, community-based approaches, targeted strategies, and long-term sustainability are needed to overcome disparities.
Focusing on Approach & Outcomes: A hands on discussion of various social media marketing approaches & tools, supported by real world examples of successful (and failed) marketing campaigns.
Colin Crook, of Voce Communications, presents a practical understanding of how to conduct, measure, and monetize their Web-based marketing
Making Sense of Social Impact Investing Webinar - 11/1/10
Acronyms like IRIS, GIIRS, SROI, B Corp, Pulse, Social E-valuator - do you know what they mean?
They are all part of an emerging ecosystem of social impact measurement tools and practices .... But how they relate and what it all means for your organization's need to prove impact is murky.
Join nonprofit expert Paul Lamb and impact management guru Sara Olsen as Paul interviews Sara about what the alphabet soup spells for mission-driven organizations and funders.
Funding Your Social Enterprise: Approaches & Resources for NonprofitsMargaret Stangl
The document discusses various approaches and funding resources for social enterprises and nonprofits, including loans from community development financial institutions, program-related investments from foundations, and mission-related investments that align with a foundation's goals. It provides examples of specific social enterprises, their models and financing approaches. The webinar addresses common questions around accessing capital through grants, debt, and equity.
Crowdfunding leverages the power of the online crowd to raise money for charities and start-up businesses. This webinar provides an overview of the latest fundraising trend called "crowdfunding."
Three leading crowdfunding experts and innovators as they discuss crowdfunding models and how nonprofits and social enterprises can raise money and gain greater exposure through these web-based platforms.
Colin Mutchler is the Co-Founder of LoudSauce, Josh Tetrick is the founder of 33Needs and Tom Dawkins is co-founder of StartSomeGood.
ZeroDivide set out to identify the key barriers to increased philanthropic investment in nonprofits' use of technology, recognizing there is tremendous interest and need by organizations based in underserved communities.
This project builds on the findings of previous studies, while contributing unique aspects to the conversation.
Download the full report http://bit.ly/gbM7AU
Mobilizing Communities in a Connected Age Funders EditionMargaret Stangl
The Mitchell Kapor Foundation and ZeroDividel share learnings from a recent report “Mobilizing Communities in a Connected Age.” Joined by staff from Color of Change and Netroots Nation, discover how philanthropic and nonprofit organizations are collaborating to use new technology tools to expand outreach, foster constituent loyalty, drive revenue, increase operational efficiencies, and spur innovation.
Antennas: the key to your wireless application Harald Naumann Round SolutionsGoWireless
The document discusses various topics related to embedded monopole antenna design including benefits, drawbacks, tuning, interference issues, ground plane size requirements, and selecting the right antenna partner. Key points include that monopoles have small size but require a reasonably sized ground plane, components nearby can interfere, and working with an expert partner can help minimize risks and tune the antenna design.
Raoul Chiesa Hacking A Impianti IndustrialiGoWireless
This document discusses security issues related to industrial automation and critical infrastructure. It begins with an introduction of the speaker and their background working in these environments. Several examples of past security incidents are described, such as the Whatcom Falls Park pipeline rupture caused by a SCADA system failure. Technical attacks against these systems are similar to traditional IT attacks like password guessing or exploits. However, the consequences of failures or attacks can be far more severe given the life-critical systems involved. In conclusion, the history and perspectives of industrial automation security differ significantly from traditional IT/ICT security, and standards exist but must be followed carefully given the risks.
This document discusses issues of trust as it relates to technology and society. It covers how trust underlies civilizations and how various technological developments from writing to the internet have both increased and challenged trust over time. It examines specific issues like network security threats, software safety, and privacy of personal data. The document argues that trustworthy systems and practices are important for democratic societies and that European policies need to nurture democratic values in the digital age. It outlines the EU's legal framework around data protection and privacy technology. Finally, it discusses the goals and activities of the RISEPTIS advisory board, which aims to provide guidance on security, privacy, and trustworthiness research and policy challenges.
Cybercrime, cyber war, infowar - what's this all about from an hacker's persp...ClubHack
The document is a presentation on cybercrime, cyberwar, and information warfare. It was presented by Raoul Chiesa and Jart Armin at Club Hack 2010 in Pune, India. The presentation covers the evolution of cyberattacks from cybercrime to cyberwarfare. It discusses concepts like hacktivism, nation-state attacks like those experienced by Estonia and Georgia, and the blurring lines between hackers, cybercriminals, and intelligence agencies. The presenters aim to introduce new concepts and frameworks for understanding next-generation cyber threats and information warfare in the digital era.
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
The document discusses security issues in the telecommunications industry based on the speaker's 10 years of experience penetration testing telecom operators. It notes that telecom vendors sell insecure systems, operators lack security expertise, and sophisticated hackers are increasingly targeting telecom networks. The speaker describes how they were able to hack into 100% of operators via web apps and 90% via other access points. The document argues the industry has a 'head in the sand' approach that leaves critical infrastructure at risk.
UN/ITU - Organisational Structures and Incident Management - CybersecurityDr David Probert
In-Depth Presentation for the Cybersecurity Workshop that was Jointly Organised by the UN/ITU and CITEL in Salta City, Argentina - November 2010. The presentation focuses on the implementation of the recommended UN/ITU (International Telecommunications Union) Global Cybersecurity Agenda and the importance of CERTs (Computer Emergency Response Teams)
The document discusses cyberterrorism threats to critical infrastructure systems like power grids. It describes how terrorist groups could target these systems through cyber attacks, giving examples of botnets being used to overwhelm networks with denial of service attacks. The document also examines the challenges of attribution and response to such attacks since terrorist networks operate asymmetrically online. It argues strong cybersecurity defenses and ability to trace attacks are needed to counter potential cyberterrorism.
The document summarizes a meeting on future internet forum held in Dublin, Ireland on December 3, 2009. It discusses ongoing research in areas like security in network and service architectures. It recommends priority areas for trustworthy ICT like securing networks and infrastructures, managing identity and privacy, and enabling technologies. The document also proposes international cooperation actions between the EU and countries like the US, Japan, and others on topics related to dependability, security and trust.
SPEEDA INSIGHTS_Market Prospects for the Security IndustryKyna Tsai
The document discusses market prospects for the security industry. It notes that demand for both information and physical security is growing due to factors like crime prevention, anti-terrorism efforts, and disaster prevention. Information security issues are expanding beyond hardware protection to include massive data networks and personal information, while physical security now covers a wider range of objects like home electronics and vehicles. Emerging technologies like the Internet of Things (IoT) and artificial intelligence (AI) will play important roles in security solutions by enabling the connection and monitoring of more devices and allowing automated analysis of data. The global information security market has grown significantly in recent years and is expected to continue expanding, while the physical security market is also growing rapidly driven by increasing demand for surveillance
Jim Clarke, Waterford Institute of Technology, IRELAND: Session Introduction FIA2010
This document summarizes the agenda for a session on "Privacy and Citizenship" that took place on December 16, 2010. The session focused on two main topics: 1) user/citizen issues related to privacy and 2) the economics of privacy. It included keynote speeches from experts in privacy and data protection, followed by a panel discussion on each topic with experts from research institutions and industry. The goal of the session was to have an open discussion around balancing privacy, innovation, and citizens' rights on the future internet.
This document provides an overview of the Internet of Things (IoT). It discusses the history and development of IoT from 1997 to present day. Key points covered include the extraordinary benefits of IoT such as status updates, diagnostics, upgrades, control/automation, and location mapping. The document also addresses security and privacy challenges with collecting and sharing personal data through connected devices. Example applications of IoT highlighted are in manufacturing, infrastructure, transportation, healthcare, and media/advertising. The future of IoT is predicted to focus on enterprise, home, and government sectors, with enterprise being the largest at an estimated 9.1 billion devices by 2019.
The document discusses the results of a study on the security of UK home Wi-Fi networks. Some of the key findings include:
- Nearly 40,000 home Wi-Fi networks were identified as being "high-risk" and vulnerable to hacking within 5 seconds due to a lack of encryption or weak security settings.
- The majority (82%) of people mistakenly believe their home network is secure, even though nearly a quarter have no password. Hackers can breach typical passwords in seconds.
- Only 4% of people know for certain their network has been used without permission, indicating most are unaware if their network has been accessed illegally.
- 18-24 year olds are the most
Micro and nanotechnology to enhance the physical security of credentials and ...Bilcare Research
"Micro and nanotechnology to enhance the physical security of credentials and products"
Presented by Adrian Burden from Bilcare Research, NonClonable Security Technologies. This was presented at Queen Elizabeth II conference Centre, Westminster, London UK, dated 8-10 of February 2010.
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...Cyber Security Alliance
This presentation will analyze the Information Warfare scenarios, technical and legal backgrounds, highlighting as well the importance of the terminologies and bringing to the audience real-life examples and known incidents. The last part of the talk will focus on two theorical case studies and on one, very special, theorical case study.
The document discusses the Internet of Things (IoT) and its potential applications and threats relating to crime prevention. It notes that by 2020, the number of IoT devices could exceed 25 billion. The document outlines different types of threats from hacking IoT networks, including information theft, perturbation of operations, corruption of sensor information, and falsification of information. It discusses applying IoT to buildings and cities through integrating data. The document summarizes outputs from a workshop on developing guidelines to avoid IoT cybercrime risks and building safeguards into smart products.
ITrust is a leading French cybersecurity company that provides expertise, products, and security operations center services. It has over 200 clients, 100% annual growth, and offices in Paris, Toulouse, New York, and Shanghai. ITrust's flagship product is the IKare vulnerability management tool, which can reduce vulnerabilities by 90% by identifying and helping to correct security flaws. The company is working on new behavioral analytics and AI solutions to better detect unknown cyber threats.
This document summarizes a presentation by Aram Sinnreich on media innovation. It discusses how digital networks have disrupted traditional linear business models and cultural production. While industries lobby for stronger copyright laws, studies show the entertainment industry has still grown and "piracy" may benefit economies. The greatest threat is over-regulation that limits civil liberties and fair use. The presentation argues we need to abandon myths of scarcity and lone authorship, and instead of over-protection, prepare for a configurable culture through business, political and social innovation like copyleft and copyright reform.
This document summarizes a presentation by Aram Sinnreich on media innovation. It discusses how digital networks have disrupted traditional linear business models and cultural production. While industries lobby for stronger copyright laws, studies show the entertainment industry has still grown. However, these policies risk negative consequences like censorship and surveillance. The presentation argues we should abandon myths of lone authorship and scarcity and instead prepare new business and policy innovations like cloud services, copyleft, and copyright reform to support a configurable culture.
This document discusses geospatially enabled solutions from Intergraph for all-hazards incident management. Intergraph provides software for infrastructure protection, emergency response, and geospatial applications. The document argues that an all-hazards approach to incident management is needed given increasing global threats. It presents Intergraph's vision of an integrated system of systems for situational awareness, information sharing, and coordinated response across agencies.
This document provides an overview of the emerging concept of the "Internet of Things." It discusses how technological advances will lead to a world where everyday objects are connected to the internet and able to communicate with each other and with people. It examines enabling technologies like RFID, sensors, and nanotechnology that will drive this development. It also explores the market potential and challenges related to privacy, standardization and ethics. The report concludes by describing a possible day in the life of a user in the year 2020 to illustrate how the Internet of Things could impact various aspects of daily life.
This document discusses ethical issues related to smart technology in IoT. It begins with an introduction to IoT, architecture, and privacy/security concerns. It then examines stakeholders and their interests/risks. Resolutions discussed include security measures at different layers and increasing user awareness. Two specific examples are analyzed: a teddy bear hack that leaked personal recordings, and Fitbit sharing customer health data. Considerations for dealing with ethical issues include regulations, following ethics codes, customer benefit, and security improvements. Examples of IoT uses in business and related incidents/vulnerabilities are also summarized.
VM03 - Vertical Markets
Orario 14.30 – 17.30
Sala 3
SPECIAL
E TICKETING & SMART PARKING
In collaborazione con Consorzio Movincom
Con il Patrocinio di CLUB Italia
This document summarizes a presentation about the ImaGeo project. The project aims to (1) simplify the organization and sharing of photos and travel information on mobile devices, (2) provide instant location-based information based on photos captured, and (3) make it easy to embed and share generated travel content online. The proposed solution utilizes an open architecture and user-centered design approach. It will allow users to retrieve information about objects in their photos and share experiences to promote tourism. A consortium of universities and companies will collaborate on the project.
W002 - World Visions
Orario 14.30 – 18.00
Sala 4
SPECIAL
GALILEO/EGNOS & GNSS
News and latest activities from the worldwide satellite navigation systems
The document discusses EGNOS, Galileo, and Telespazio's developments related to satellite navigation. It covers topics such as GNSS signals and systems, added value navigation services, innovative projects like INAV, and the EGNOS Data Access Service. It also addresses issues like performance, security, and enabling applications through integrated solutions.
The document discusses using user-centered design to improve the travel experience for passengers of Trenitalia, Italy's national railway company. It describes researching passengers, developing scenarios of potential travel situations, and prototyping innovative interactions between passengers and Trenitalia's services. The goal is to enhance communication and provide better information to passengers throughout their journey, from planning to traveling to coping with delays.
Enhancing Adoption of AI in Agri-food: IntroductionCor Verdouw
Introduction to the Panel on: Pathways and Challenges: AI-Driven Technology in Agri-Food, AI4Food, University of Guelph
“Enhancing Adoption of AI in Agri-food: a Path Forward”, 18 June 2024
Adani Group's Active Interest In Increasing Its Presence in the Cement Manufa...Adani case
Time and again, the business group has taken up new business ventures, each of which has allowed it to expand its horizons further and reach new heights. Even amidst the Adani CBI Investigation, the firm has always focused on improving its cement business.
High-Quality IPTV Monthly Subscription for $15advik4387
Experience high-quality entertainment with our IPTV monthly subscription for just $15. Access a vast array of live TV channels, movies, and on-demand shows with crystal-clear streaming. Our reliable service ensures smooth, uninterrupted viewing at an unbeatable price. Perfect for those seeking premium content without breaking the bank. Start streaming today!
https://rb.gy/f409dk
Ellen Burstyn: From Detroit Dreamer to Hollywood Legend | CIO Women MagazineCIOWomenMagazine
In this article, we will dive into the extraordinary life of Ellen Burstyn, where the curtains rise on a story that's far more attractive than any script.
NIMA2024 | De toegevoegde waarde van DEI en ESG in campagnes | Nathalie Lam |...BBPMedia1
Nathalie zal delen hoe DEI en ESG een fundamentele rol kunnen spelen in je merkstrategie en je de juiste aansluiting kan creëren met je doelgroep. Door middel van voorbeelden en simpele handvatten toont ze hoe dit in jouw organisatie toegepast kan worden.
Presentation by Herman Kienhuis (Curiosity VC) on Investing in AI for ABS Alu...Herman Kienhuis
Presentation by Herman Kienhuis (Curiosity VC) on developments in AI, the venture capital investment landscape and Curiosity VC's approach to investing, at the alumni event of Amsterdam Business School (University of Amsterdam) on June 13, 2024 in Amsterdam.
Efficient PHP Development Solutions for Dynamic Web ApplicationsHarwinder Singh
Unlock the full potential of your web projects with our expert PHP development solutions. From robust backend systems to dynamic front-end interfaces, we deliver scalable, secure, and high-performance applications tailored to your needs. Trust our skilled team to transform your ideas into reality with custom PHP programming, ensuring seamless functionality and a superior user experience.
Unlocking WhatsApp Marketing with HubSpot: Integrating Messaging into Your Ma...Niswey
50 million companies worldwide leverage WhatsApp as a key marketing channel. You may have considered adding it to your marketing mix, or probably already driving impressive conversions with WhatsApp.
But wait. What happens when you fully integrate your WhatsApp campaigns with HubSpot?
That's exactly what we explored in this session.
We take a look at everything that you need to know in order to deploy effective WhatsApp marketing strategies, and integrate it with your buyer journey in HubSpot. From technical requirements to innovative campaign strategies, to advanced campaign reporting - we discuss all that and more, to leverage WhatsApp for maximum impact. Check out more details about the event here https://events.hubspot.com/events/details/hubspot-new-delhi-presents-unlocking-whatsapp-marketing-with-hubspot-integrating-messaging-into-your-marketing-strategy/
AI Transformation Playbook: Thinking AI-First for Your BusinessArijit Dutta
I dive into how businesses can stay competitive by integrating AI into their core processes. From identifying the right approach to building collaborative teams and recognizing common pitfalls, this guide has got you covered. AI transformation is a journey, and this playbook is here to help you navigate it successfully.
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Stone Art Hub
Stone Art Hub offers the best competitive Marble Pricing in Dubai, ensuring affordability without compromising quality. With a wide range of exquisite marble options to choose from, you can enhance your spaces with elegance and sophistication. For inquiries or orders, contact us at ☎ 9928909666. Experience luxury at unbeatable prices.
1. ITN 2009 – Torino, 15 Ottobre 2009
Attacchi ad infrastrutture critiche:
storie di vita vissuta
Raoul Chiesa
Founder, Honorary President, @ Mediaservice.net
Director of Communication, Board of Directors Member, ISECOM
Senior Advisor, Strategic Alliances & Cybercrime Issues at the United Nations
chiesa@UNICRI.it
Document Keywords
Infrastrutture Critiche Nazionali; SCADA; Automazione Industriale; Incidenti di Sicurezza; Attacchi
Informatici; Hacking; Sicurezza Nazionale; Penetration Test.
1
2. ITN 2009 – Torino, 15 Ottobre 2009
Agenda
Who is who
- Il relatore
- ISECOM
- UNICRI
I crimini Hi-Tech nel XXI secolo & l’hacking
Le Infrastrutture Critiche Nazionali
- Attacchi
- Problematiche riscontrate
- Incidenti
- TETRA
- Soluzioni
Contatti, Q&A
2
3. ITN 2009 – Torino, 15 Ottobre 2009
Il relatore
Raoul Chiesa
– Director of Communications at ISECOM
– Institute for Security and Open Methodologies
– Originally called the Ideahamster Organization (Est. 2000)
– Open Source Community Registered OSI
– Project Manager for H.P.P., OSSTMM Key Contributor
• OPST, OPSA, ISECOM Authorized International Trainer
– Professor of IT Security at various Universities & Masters (Italy)
– Advisor on Cybercrime for the United Nations at UNICRI
– Board of Directors Member at ISECOM, CLUSIT, Telecom Security Task
Force, and ISO ISMS IUG & OWASP
Italian Chapters
3
4. ITN 2009 – Torino, 15 Ottobre 2009
ISECOM: who is who
• Institute for Security and Open Methodologies (Est.
2002)
• Una Non-Profit Organization (registrata)
• Sedi a Barcelona (Spagna) e New York (U.S.A.)
• Open Source Community Registered OSI: utilizza un
processo di Open and Peer Review assicurando
Qualità e sviluppando una Chain of Trust,
diventando così una community
internazionalmente riconosciuta.
• Una Certification Authority “grown in the trust” e
supportata da istituzioni accademiche (La Salle
University network).
4
5. ITN 2009 – Torino, 15 Ottobre 2009
UNICRI: who is who
• United Nations Interregional Crime &
Justice Research Institute
• Fondato nel 1968 per assistere le
organizzazioni governative,
intergovernative e non-governative
nella creazione e miglioramento di
policy nel campo della crime
prevention e criminal justice.
• WHQ a Torino (UN Staff College,
ITC/ILO); uffici a Roma, Ginevra, New
York, Luanda (Angola), Maputo
(Mozambico).
5
6. ITN 2009 – Torino, 15 Ottobre 2009
Information Security
• L’evoluzione dei crimini dovrebbe essere analizzata
da punti di vista innovativi
• Diversamente, non saremmo in grado di
comprendere i nuovi nemici e, soprattutto, le loro
motivazioni
• Informazione è la keyword per le minacce di oggi
• You got the information, you got the power…
6
7. ITN 2009 – Torino, 15 Ottobre 2009
21st Century
Le minacce odierne si stanno trasformando,
ed evolvendo:
• Hacking “for fun”
• (Low-level) Hacking for money/phishing
• (High-level) Hacking/Industrial espionage
• On-line Child pornography (business)
• Botnets
• Critical Information Infrastructures, CNI &
SCADA
• Cyberterrorism
• Copyright & Intellectual property violations
• E-Commerce frauds, scams
• On line gambling
• Privacy issues (social networks)
7
8. ITN 2009 – Torino, 15 Ottobre 2009
Hacking: macro tipologie di attackers
Low-level hackers: “script-kiddies” hunting for known security flaws
(kind of “NEW”) Phishing, Remote low-level Social Engineering Attacks
Insiders (user/supervisor/admin)
Disgruntled Employees
High-level, sophisticated hackers, Organized Crime: middle and high level attacks
Hobbiest hackers
Unethical “security guys”
Unstructured attackers (SCAMs, medium & high-level hi-tech frauds,VISHING …)
Structured attackers (“the italian job”, targeted attacks, industrial espionage)
Espionage, Terrorism
Foreign Espionage
Hacktivist (unfunded groups)
Terrorist groups (funded)
State sponsored attacks
8
9. ITN 2009 – Torino, 15 Ottobre 2009
Critical National Infrastructures: high-level view
Le (principali) Infrastrutture Critiche Nazionali odierne possono essere
riassunte in:
Telecommunications
Electrical power systems
Gas and oil storage and transportation
Banking and finance
Transportation
Water supply systems
Emergency services (medical, police, fire and rescue)
Continuity of government
9
10. ITN 2009 – Torino, 15 Ottobre 2009
Critical National Infrastructures: zooming/1
Sector Sample Target Sub-sectors
1.Energy and Utilities Electrical power (generation, transmission, nuclear)
Natural gas
Oil production and transmission systems
2.Communications and
Information Technology Telecommunications (phone, fax, cable, satellites)
Broadcasting systems
Software
Hardware
Networks (Internet)
3. Finance Banking
Securities
Investment
4.Health Care Hospitals
Health-care facilities
Blood-supply facilities
Laboratories
Pharmaceuticals
5. Food Food safety
Agriculture and food industry
Food distribution
10
11. ITN 2009 – Torino, 15 Ottobre 2009
Critical National Infrastructures: zooming/2
Sector Sample Target Sub-sectors
6. Water Drinking water
Wastewater management
7. Transportation Air
Rail
Marine
Surface
8. Safety Chemical, biological, radiological, and nuclear safety
Hazardous materials
Search and rescue
Emergency services (police, fire, ambulance and others)
Dams
9. Government Government facilities
Government services (for example meteorological services)
Government information networks
Government assets
Key national symbols (cultural institutions and national sites
and monuments)
10. Manufacturing Chemical industry
Defence industrial base
11
12. ITN 2009 – Torino, 15 Ottobre 2009
China is attacking: UK
12
13. ITN 2009 – Torino, 15 Ottobre 2009
China is attacking: USA
13
14. ITN 2009 – Torino, 15 Ottobre 2009
China is attacking: Germany
The comments follow charges made by a top German intelligence
official that computer hacking by China was occurring on an almost
daily basis.
14
15. ITN 2009 – Torino, 15 Ottobre 2009
China is attacking: France
France has become the fourth country to speak out against hackers in
China following an attack on French government systems.
Francis Delon, France's secretary general for national defence,
claimed that the country's systems had been compromised and that
the evidence pointed to China.
15
16. ITN 2009 – Torino, 15 Ottobre 2009
I problemi riscontrati
Key issues Conseguenza
Reti piatte (no segmentazione) Vita facile ai worm
No FW ..arriva di tutto
No AV vulns note, bloccano la rete!
No xIDS Incident handling ?!? Anomalie ? Attacchi ?
Trojan “ad-hoc” ?
No Integrity Checker Modifiche ai file eseguibili
Sicurezza fisica Accesso fisico non autorizzato
Security Through Obscurity Non funziona più (GSM Association docet)
Differenze culturali Paradigma C-I-A VS A-I-C
16
26. ITN 2009 – Torino, 15 Ottobre 2009
TETRA & 911
• Nel 2007 siamo stati chiamati per effettuare verifiche
di sicurezza presso un Paese dell’area GCC (Middle-
East)
• Oltre ad un assessment di sicurezza “standard”, ci è
stato chiesto di “spegnere il 911”
• Dopo aver richiesto autorizzazioni estese, e dopo aver
toccato con mano lo scetticismo (vendor, e Cliente),
ci siamo messi all’opera
• Dopo 14 minuti il 911 era down: no police, no
ambulance, no fire department.
26
27. ITN 2009 – Torino, 15 Ottobre 2009
Altri case-studies (sotto NDA)
• Negli ultimi 3 anni ci siamo anche occupati di
verificare l’effettivo livello di sicurezza esistente presso:
– Energy Plants (Test Plant)
– Pharmaceutical (live)
– Finance
– Telco
– Air transport
– Highways
– Chemical
– Industry
• ..In tutti questi casi, siamo riusciti a violare con
successo l’infrastruttura e/o il target individuato.
27
28. ITN 2009 – Torino, 15 Ottobre 2009
Possibili soluzioni ? Cultura!
• Cybercrime Trainings on SCADA & NCIs @ the United
Nations (Torino, Italy)
– http://www.unicri.it/wwd/cybertraining/index.php
– http://www.unicri.it/wwd/cybertraining/info_security.php
– http://www.unicri.it/wwd/cybertraining/hacker_profiling.php
– http://www.unicri.it/wwd/cybertraining/SCADA.php
– http://www.unicri.it/wwd/cybertraining/digital_forensics.php
– http://www.unicri.it/wwd/cybertraining/ap-form_info.php
28
29. ITN 2009 – Torino, 15 Ottobre 2009
Contacts, Q&A
Contacts:
• If you are interested in ISECOM projects:
Raoul Chiesa, Director of Communications at ISECOM raoul@ISECOM.org
• If you are interested in professional penetration testing for governments and LEAs:
Raoul Chiesa, Chief Technical Officer & Tiger Team manager raoul@mediaservice.net
• If you are interested in UNICRI’s Cybercrime Trainings:
Raoul Chiesa, Senior Advisor & Strategic Alliances chiesa@UNICRI.it
GRAZIE DELL’ATTENZIONE!
DOMANDE ?
29