SecuriTay 6: Key Takeaways from Abertay University’s Premier Hacker Conference
On a stormy February day, I braved the winds of Storm Doris to travel north to Dundee for one of the UK’s most anticipated infosec gatherings: the SecuriTay 6 conference. Organized by Abertay University’s Ethical Hacking Society, this annual event has grown into a cornerstone for the hacking community. From seasoned researchers to curious students, the conference offered a packed schedule of talks that delved into the latest in information security.
Having attended major conferences like 44CON and BSides, I can attest that events like SecuriTay are vital for the industry. They provide a platform for emerging voices and fresh research, fostering a collaborative spirit that drives innovation. This year, with over 350 delegates and a 96% attendance rate, the conference proved its enduring appeal despite the challenging weather.
Active Directory Security: Lessons from the Field
The keynote speaker, Gavin Holt, an Abertay graduate and senior security consultant at NCC Group, kicked off the day with a deep dive into Active Directory security. Holt shared anonymized case studies from his penetration testing work, highlighting common misconfigurations that plague organizations of all sizes. He pointed out that many businesses share sensitive resources like C drives or use identical admin accounts, making it nearly impossible to track who did what.
In one striking example, Holt described a scenario where passwords and usernames were identical for critical business software. Another case involved a shared file containing complaints from the Information Commissioner’s Office. He concluded that while Active Directory remains ubiquitous, its flaws often stem from poor implementation rather than inherent weaknesses. This session set the tone for a day focused on practical security insights.
Fileless Malware: A Growing Threat
Next, I attended Peter Cowman’s talk on “Malware in Memory.” Cowman, a final-year ethical hacking student at Abertay, explained how fileless malware operates without touching the hard drive, instead residing in registry keys. He cited the Democratic National Committee data breach as a prime example, emphasizing that detection requires looking for unusual registry permissions and suspicious threads. This approach to fileless malware analysis is increasingly critical as attackers bypass traditional antivirus solutions.
Cowman’s presentation was a testament to the high-caliber research emerging from student-led initiatives. It also underscored the importance of conferences like SecuriTay in nurturing new talent in the cybersecurity field.
IoT Security Challenges: The Other Side
After a brief lunch break, I joined Jamie Hoyle, co-founder of Karambyte, for a compelling talk on IoT security challenges. Hoyle divided IoT vendors into two categories: those with proprietary IP and manufacturing, and those using white-labeled hardware without source code ownership. He argued that reporting bugs to the latter group is often futile, as they prioritize profits over security.
Describing the “IoT gold rush,” Hoyle noted that many manufacturers treat security as an afterthought because it doesn’t generate revenue. He highlighted the lack of accreditation bodies for IoT products and the difficulty of extracting firmware for reverse engineering. His key takeaway: every layer of the IoT stack, from device to cloud, must be secured, yet few manufacturers have the expertise to do so comprehensively.
Secure Messaging and the Threat Landscape
Later, I caught part of a talk on secure desktop messengers by David Wind and Christoph Rottermanner from the University of Applied Sciences in St. Pölten, Austria. They discussed the usability versus security trade-offs in tools like WhatsApp and Signal. In a survey of 28 users, 21 failed to verify messages during a man-in-the-middle attack, suggesting that current verification processes are too complex. They recommended changing terminology from “verify” to “show keys” to improve user understanding.
The closing keynote by Rafe Pilling, a senior security researcher at SecureWorks, brought the day to a sobering close. Pilling debunked myths about the “dark web,” noting that cybercriminals often work in small, localized teams rather than vast networks. He pointed to groups like Fancy Bear and Shamoon, emphasizing the persistence of advanced threats. His talk served as a reminder that the cyber threat landscape is constantly evolving.
In summary, the SecuriTay 6 conference was a resounding success, showcasing the best of ethical hacking and infosec. If you are interested in similar events, check out our coverage of BSides London or Steelcon 2023 for more insights. The future of cybersecurity looks bright with such dedicated communities driving progress.