JOHN DRAPER AKA CAPTAIN CRUNCH - CTO/Co-Founder ShopIP
Presentation Title: Security Threats from Spamming
Presentation Details:
The massive rise in spam mail is not only very annoying to all of us who get reminded about how small a specific piece of anatomy is, but it's becoming a major
threat to Internet security as a whole, because of the huge number of infected hosts. Control of these hosts is now bought and sold as a hot commodity, as they are not only used by spam
gangs, but are also falling into the wrong hands, and it doesn't surprise me to learn Al Qaeda already has this kind of control. With an estimated number of 750,000 infected PCs, often
remaining dormant, one can imagine the amount of problems this can cause if these were turned loose on critical systems like DNS servers, root name servers, and other vital links. I'm going
to focus on my efforts to identify huge numbers of these infected hosts, and through cooperation of the ISPs identify and shut them down. I do this by collecting spam, and using some custom
software I've written, I can automatically shut down spam operations almost in real time through the use of this system, and will be prepared to demonstrate it. I'll also be talking about
how I can get viruses to teach me about the "secret" protocols they use and shut them down in real time before they can do damage, which is the focus of my upcoming seminar.
About John:
An original member of the now
famous "Homebrew Computer Club", Mr. Draper (AKA Captain
Crunch), has over 30 years of programming and security
expertise.
Widely known as the first
security pioneer, Mr. Draper became interested while
learning how to penetrate phone networks. He now uses his
penetration skills to test the vulnerabilities in computer
networks. While serving in the USAF, he worked on long range
radar and radio equipment used for encryption. After a stint
with American Astrionics, designing high speed Operation
Amplifiers for precision missile guidance, he worked as an
Engineering Technician at National Semiconductor.
He has been an innovator,
writing high-speed analog encryption programs, specialized
Chebyshev and Butterworth filter circuit programs, and some
of the first CAD programs. He then wrote the first
cross-assemblers used in writing Assembly Language for the
8080, 6502, 1802, and 6800 chips.
At the Homebrew Computer Club,
Mr. Draper designed his own computers and helped create the
"Blue Box" tone generator. Introducing, among others, Steve
Wozniak and Steve Jobs to the computing world, and a
generation of hackers to the glorious concept of "phone
phreaking", spawning the worldwide "2600" clubs. His work
with Jobs and Wozniak led him to become the 13th employee of
Apple computers, designing telephone interface boards, and
developing both hardware and software for the Apple II.
Mr. Draper implemented the
first FORTH language on the Apple II, utilizing it to write
a word processor. After modifying it for commercial sale,
Easy Writer, the world's first word processor was born. It
took him only 20 minutes to port FORTH to the PC, and 48
hours later, Easy Writer was delivered to IBM, beating out
Bill Gates and the early Microsoft team on the project.
While working for IBM, Mr. Draper created the "Virtual
Machine Interface", a screen and keyboard driver.
He is now a sought after
Security consultant and Conference speaker, and has been
touring the security conference circuit for years. His
security expertise has led him to appearances on Nightline,
Good Morning America and various radio shows nationwide,
most recently on CNET radio in San Francisco, and The
Learning Channel (The secret life of hackers).
Draper has appeared on A&E,
and recently did a documentary for Channel Four in England.
You can find him on the Discovery Channel Hall of Fame,
further entrenching him as one of the true innovators of the
industry. A co-founder of ShopIP, Mr. Draper performs
security audits and is an architect of the CrunchBox
firewall/IPS system. He also does database, Python, and
secure GUI programming for SpamCruncher and CrunchBox.
THEO DE RAADT - Creator/Project Leader - OpenBSD/OpenSSH
Presentation Title: Exploit Mitigation Techniques
Presentation Details: OpenBSD has been auditing software for nearly
10 years, and while we have had significant success, it is clearly
not enough. In the last 3
years a new view on preventing attacks has surfaced in the mindset of
our group.
A software exploit author starts by finding an interesting bug.
Writing an exploit is easy because he can rely on a variety of system
behaviours which are very deterministic. Many of these behaviours are
not required for proper operation. Recently we have developed many
new techniques which combine to thwart the attacker, without affecting
regular software. We make the Unix process environment difficult to
attack much like filling a house full of a variety of burglar traps.
About Theo:
Theo de Raadt has been involved with free Unix operating systems since
1990 (Minix!) and then became one of the founders and prime developers
of NetBSD. In 1995 Theo created the OpenBSD project, creating a free
Unix that focuses primarily on security technologies. A few years
later he also started the OpenSSH project (the most deployed Open
Source software). Theo works full time on advancing OpenBSD, OpenSSH,
and any technology which enhances free Unix security.
THE GRUGQ
Presentation Title: The Art of Defiling: Defeating Forensic Analysis on Unix File Systems
Presentation Details: The rise in prominence of incident response and digital forensic analysis has prompted a reaction from the
underground community. Increasingly, attacks against forensic tools and methodologies are being used in the wild to hamper investigations. This talk will: familiarize the audience with
Unix file system structures; examine the forensic tools commonly used, and explore the theories behind file system anti-forensic attacks. In addition, several implementations of new
anti-forensic techniques will be released during the talk.
Anti-forensics has cost the speaker one job. This material has never been presented in the North American continent because anti-forensics scares the feds. Find out why.
About The Grugq:
The grugq has been researching anti-forensics for almost 5 years. Grugq
has worked to secure the networks and hosts of global corporations, and
he's also worked for security consulting companies. His work as a
security consultant was cut short by the publication of an article on
anti-forensics. Currently, he slaves for a start-up, designing and
writing IPS software.
Grugq has presented to the UK's largest forensic practitioner group where
he scared the police. In his spare time, grugq likes to drink and rant.
EMMANUEL GADAIX - Founder, Telecom Security Task Force (TSTF)
Presentation Title: Phreaking in the 21st Century
Presentation Details:
Icons like Captain Crunch remind us that there was a time when phreakers were all the rage and abusing CCITT#5 phone
switches was open to anybody with a blue box. As most Telcos upgraded their equipment to support the new, out-of-band, digital SS7 signaling protocol, blue boxing was slowly but surely phased out. Phreakers went legit or quiet. The
Internet and its lot of script kiddies became the center of interest.
Is phreaking dead? We beg to differ!
This presentation will focus on advanced phreaking techniques for the 21st century warrior.
After a short presentation of current digital telecommunications network (with a focus on GSM/GPRS/EDGE and CDMA/3G) we will study how each element can be compromised for fun and profit.
Nothing will be left untouched:
- Core Switching
- Radio Networks
- GPRS infrastructure
- 3G data
- Messaging (SMS, MMS, voicemail, USSD)
- Roaming, subscriber management platforms
- Fraud management
- Customer care systems
- Billing systems
- Mediation systems
- WAP servers
- Intelligent Network services (e.g. prepaid, VPN, conditional forwarding and screening etc.)
- Legal interception gateway
- Signaling devices
- Content aggregators
- Network Management Systems
We will also partially unveil the phreakers' holy grail:
Abusing out-of-band signaling by compromising SS7 nodes.
About Emmanuel:
Emmanuel started his career in GSM telecommunications in 1994,
specializing in Network Management Systems and Intelligent Networks,
participating in the launch of several cellular networks across Asia
and Europe, with a focus on Value-Added Services. In 1997 he founded a
consulting firm focusing on the highly specialized security services
for the GSM and 3G operators. Personal interests include X.25 networks
and SS7 signalling.
OLLIE WHITEHOUSE - Technical Director, Atstake Limited UK
Presentation Title: Attacks and Counter Measures in 2.5G and 3G Cellular IP Networks
Presentation Details: This presentation will cover and in addition carry on from the paper published in March 2004 of the same name by @Stake
Security: "2.5G and 3.0G cellular technologies are here to stay." This whitepaper assesses the issues still facing the industry since the "GPRS Wireless Security: Not Ready for Primetime" paper
was published in June 2002. GTP (GPRS Tunneling Protocol) is now widely deployed in a majority of 2.5G and 3.0G cellular networks, and this paper reviews some of the potential attacks against
the GTP protocol and the possible effects this will have on cellular providers. It also reviews some of the architectural alternatives that providers can consider.
This paper will discuss several new as yet unpublished and undisclosed vulnerabilities in 3G equipment.
About Ollie:
As Director of Security Architecture at @stake, Ollie has several years of information technology experience. His professional experience includes systems integration, security consultancy,
and project management. He has published a wide number of advisories in products from Microsoft Outlook through to SAP DB. In addition Ollie has also published a number of whitepapers
covering the security of cellular and bluetooth technologies. At @stake, he forms part of the London based professional services organization, providing clients with Attack & Penetration
services as well as system and application architecture reviews. Ollie also heads @stake's wCOE researching technologies that include PDA's, Bluetooth, WiFi, Cellular and other RF
technologies and the applications that use or run over these technologies.
ADAM GOWDIAK - Poznan Supercomputing and Networking Center
Presentation Title: Java 2 Micro Edition (J2ME) Security Vulnerabilities
Presentation Details:
The talk will discuss Java 2 Micro Edition (J2ME) security in detail. First, a general introduction to mobile Java, KVM, CLDC and
MIDP concepts will be given. It will be followed by a detailed description of the KVM security architecture, its operation and differences from the standard Java Virtual Machine. After that several
security issues affecting most J2ME implementations will be discussed.
In the second part of the talk several vulnerability exploitation techniques specific to mobile Java code will be presented. Along with that, some useful reverse engineering techniques of
KVM operation, ROM'ized Java bytecode and native methods implementation will also be given.
The third part of the talk will present a practical application of the reverse engineering techniques discussed in the second part of the talk. This will be done specifically upon the example of
the so-called "closed" Nokia DCT4 cell phone. Step by step construction of a real life malicious Java midlet application will also be given in this part of the talk.
Some general thoughts about the future of mobile Java code and its implications on mobile device security will also be given at the end of the talk.
About Adam:
Adam Gowdiak
is a graduate of the Poznan University of Technology. Since
1996 he has been working as security engineer and systems
analyst at Poznan Supercomputing and Networking Center. He
is the finder of many security vulnerabilities in IRIX, AIX,
Windows and Java Virtual Machine. He has been the speaker at
many international computer and network security related
events. His security research interests include reliable
vulnerabilities exploitation techniques, new attack
methodologies, mobile code security, intrusion
detection/prevention systems and advanced reverse
engineering techniques.
JORGE SEBASTIAO - President & CEO, E-Security Gulf Group.
Presentation Title:
Presentation Details:
About Jorge:
With over nineteen years of IS experience and six years of security experience, Mr. Sebastiao brings experience,
creativity, structure and innovation to E-Business computing. As CEO at E-Security Gulf Group, he architects business focused security solutions. Previously at Computer Associates Middle East and Computer Associates Canada he implemented leading Enterprise Management, Security Management and Information Management solutions for mission critical business applications.
He has guided clients in the integration of current technologies and migration of legacy applications to newer computing paradigms which make use of object orientation, distributed systems, client/server, multi-tier as well as E-technologies. Mr. Sebastiao also co-authored a consumer credit and information book titled "La Face Cache du Credit".
JOSE NAZARIO - Senior Software Engineer, Arbor Networks.
Presentation Title: Packet Mastering
Presentation Details: The packet manipulation libraries "libdnet", "libpcap", and "libnids" are seen by many as difficult to use. However, they can
be easy to use when you start working with them. This talk introduces these three libraries, the core of many interesting network applications. Also, this talk will show how to tie them together
with event based programming. Once you learn these libraries and techniques, interesting network tools are within your grasp. The development language will be C.
About Jose:
Dr. Jose
Nazario is a worm researcher and senior software engineer at
Arbor Networks. Dr. Nazario's research interests include
large-scale Internet trends such as reachability and
topology measurement, Internet events such as DDoS attacks
and worms, source code analysis methods and datamining. He
routinely writes and speaks on Internet security in forums
that include NANOG, USENIX Security, BlackHat Briefings,
CanSecWest and SANS. Dr. Nazario holds a Ph.D. in
biochemistry from Case Western Reserve University.
Dr. Nazario
is also the author of the ground-breaking book entitled
“Defense and Detection Strategies against Internet Worms”
which offers insight into worm trends and behavior, while
providing practical protection techniques. Dr. Nazario was
also co-author on the book “Secure Architectures with
OpenBSD”.
FABIO GHIONI
Presentation Title: Asymmetric Warfare and Interception Revealed
Presentation Details:
About Fabio:
Fabio Ghioni is advisor to several Multinational Corporations as well as Governments. He is the
leading expert in the field of information security, competitive intelligence and intrusion management in an asymmetric environment. As consultant to several different
Government institutions he has been the key to the solution of several terrorism cases in the past. He has serviced leading international corporations involved in the military, telecommunications,
banking and technology industries. His key fields of research range from mobile and wireless competitive security to the classification of information and forensics technologies applied to identity management and ambient intelligence.
GARETH DAVIES - Manager, Security Practices, NSS MSC
Presentation Title: Advanced Information Gathering AKA Google Hacking
Presentation Details:
This presentation will cover the wealth of information that can be gathered
passively about an individual or organization. Whole sections of penetration
tests and vulnerability assessments are now conducted via search engines
and various other publicly accessible databases. The talk will cover the lesser
known aspects of Google, tools such as Athena and Sitedigger and the
amount of random misconfiguration that can be found with a little careful
search engine manipulation. Other useful public databases will be covered
with some details on how to leverage the maximum amount of detail on any
given target. Also an introduction to the Google API and how it can be used
or abused during a penetration test or hack attempt.
This presentation will include a live demonstration in which the above
techniques will be used to gather coveted information about both random and
targeted organizations.
About Gareth:
Gareth is a security professional working currently for NSS MSC Sdn. Bhd. (http://www.mynetsec.com), a Malaysian based
Information Security company and holds a degree in Software Engineering from Liverpool, UK. Also the co-founder of a large on line security community with over 15,000 members and one of the
older UK based underground sites. Currently involved in practical application of penetration testing and vulnerability techniques, molding and delivering a next generation penetration
testing certification and various other interesting projects. His knowledge encompasses digital forensics, Linux attack/defense, Windows security, attack and penetration, secure network
topology and open source solutions.
S.K. CHONG - Co-Founder & Security Consultant, Scan Associates Sdn. Bhd.
Presentation Title: Windows Local Kernel Exploitation
Presentation Details:
This presentation will highlight mechanisms to exploit the Windows Kernel for useful local privilege escalation. Unlike "Shatter
Attack" which is usually only useful if an attacker has physical access of the computer, Kernel exploitation will escalate the attacker to the highest level of the kernel itself without any
restrictions. The presentation will include usage of undocumented APIs, memory corruption in device drivers, kernel 'shellcode' as well as other relevant tricks to find and exploit the
Windows kernel-land for a successful privilege escalation.
About S.K.:
SK is Co-Founder and (in)Security Consultant of SCAN Associates. Hacking into banks, ISPs, military and government sectors is part of his job. He wrote a few security whitepapers on how to
break networks with SQL Injection, Buffer Overflow, Shellcode and stuff, including one which was published in Phrack E-zine #62. His presentations were heard at Blackhat (Singapore) 2003,
RuxC0n2004 (Australia) and XCon2004 (China). He enjoys playing Capture the Flag games, and was in a team that won several CtF games from HITB2002 and Blackhat Asia 2003.
SHREERAJ SHAH - Director, Net-Square Solutions
Presentation Title: Web Services - Attacks and Defense Strategies, Methods and Tools
Presentation Details:
Web services business is projected to grow from $1.6 billion (2004) to
$34 billion (2007). Web services are being integrated with web
applications and consumed by other businesses over the Internet using
HTTP/HTTPS protocols. This makes Web Applications even more vulnerable
since they cannot be protected by Firewalls and become easy prey for
attackers. Next generation web application attacks have arrived and are
here to stay. These attacks are targeted towards vulnerable and poorly
written web services.
The web service is the new security Lego Land. The main building blocks
are UDDI, SOAP and WSDL. This presentation will briefly touch upon each
of these aspects. It is important to understand this new set of attacks
together with the security controls to be put in place to protect web
services. This presentation will cover new methodologies of assessment
and defense strategies. It is important to understand what kinds of
tools are out there. At the same time it is important to learn to build
your own tools since web services are highly customized and generic
tools may not always serve the purpose. This presentation is just what
you need to get you started on the right track...
About Shreeraj:
Shreeraj founded Net-Square in
January 2000, to establish the company as a strong security
research and security software development company.
Net-Square has been instrumental in developing and exporting
web security components to companies such as Foundstone and NT
OBJECTives. He leads the research and development arm of
Net-Square. He has over 5 years of experience with system
security architecture, system administration, network
architecture, web application development, security
consulting and has performed network penetration testing and
application evaluation exercises for many significant
companies in the IT arena. In the past Shreeraj worked with
Chase Bank and IBM in the area of web security.
Shreeraj graduated from Marist College with a Masters in
Computer Science, and has a strong research background in
computer networking, application development, and
object-oriented programming. He received his graduate degree
in Computer Engineering from Gujarat University, and an MBA
from Nirma Institute of Management, India. Shreeraj has also
authored a book titled "Web Hacking: Attacks and Defense"
published by Addison Wesley.
FYODOR YAROCHKIN - Security Engineer, GuardInfo Research Lab
Presentation Title: Security Tools Integration Framework (STIF)
Presentation Details:
Meder and Fyodor will be presenting the result of their efforts to create a
common platform/API and data exchange format for active network security
tools data processing and analysis - Security Tools Integration Framework.
The developed framework aims at designing and creating a unified environment for
network security tools that will provide a facility for real time data analysis,
data processing and sharing of such data by means of a simple inference engine.
About Fyodor:
Fyodor Yarochkin is a security hobbyist and happy programmer with a few
years spent in business objectives and the "security" service delivery
field. These years, however, weren't completely wasted - Fyodor has been
contributing his spare time to a few open and closed source
projects, that attracted limited use among non-business oriented computer
society. He has a background of system administration and programming and
holds an Engineering degree in Software Engineering.
Note: Fyodor is not 'nmap Fyodor'. (http://www.snort.org/docs/faq.html#1.2)
MEDER KYDYRALIEV - Security engineer, GuardInfo Research Lab
Presentation Title: Security Tools Integration Framework (STIF)
Presentation Details:
Meder and Fyodor will be presenting the result of their efforts to create a
common platform/API and data exchange format for active network security
tools data processing and analysis - Security Tools Integration Framework.
The developed framework aims at designing and creating a unified environment for
network security tools that will provide a facility for real time data analysis,
data processing and sharing of such data by means of a simple inference engine.
About Meder:
Meder Kydyraliev is a freelance security researcher, has obtained his bachelor
of science degree in software engineering from AUK/Kyrgyzstan and is at an early
stage of getting to know what the real security industry (sic) is.
For the past 2 years he has been involved in research and development of the Xprobe2
active OS fingerprinting tool. Some of his personal interests include:
network reconnaissance, information gathering techniques and applications of
distributed computing in information security tools. His senior project was
titled "Multi-threaded, distributed platform for information security tools".
SURESH RAMASAMY - TimeDotCom Security Division
Presentation Title: Cryptography Demystified
Presentation Details:
This paper aims to present the introduction of cryptography, demystifying
the terminology behind the elusive technology that seems to be rocket
science to most people. Different cryptography standards, methods and
algorithms are covered to present the audience a good feel of what
cryptography is, what is present in cryptography, types of algorithm used,
methods and a brief introduction to the Public Key Infrastructure which
covers digital certificates significantly. This paper also discusses issues
in implementing cryptography, both at application development and
infrastructure level.
About Suresh:
Suresh Ramasamy is currently attached to the Network Security Division for
TimeDotCom a Malaysian ISP. With 15 years industry experience and 5 years solely on the ISP networks,
Suresh has been involved with security in depth, dealing with issues and incident response on a
daily basis. He has actively been presenting on technology as a whole and security takes
a particular interest. He has also been doing in-depth research on
intrusion detection and prevention, attack mitigation, ddos/worm
propagation management and containment, exploits prevention and security
defence strategies.
Suresh Ramasamy is also currently pursuing research on network security
with a local varsity and is a graduate of
Campbell University, USA.
TEO SZE SIONG - Researcher
Presentation Title: Stealth Virus Design Thru Breeding Concept (Non Polymorphic)
Presentation Details:
Most polymorphic virus designs are not totally flawless because the virus researchers can extract out the important bytes containing the logic of the
program and search for the logic's signature when scanning for polymorphic viruses. The reason portion signature searching works is because some parts of the code in the virus
cannot be modified in order to ensure it works correctly. In order to design a truly stealth virus, we can code a virus that stores a series of program logics in source code to reproduce
itself. For example, using the Compiler Class in .NET Framework, we can design a virus to randomly produce another new virus that is totally different from itself. The Compiler Class in
the .NET Framework runtime is capable of producing executables from source code without the SDK.
In order to accomplish this, let's assume I store a set of source procedures into the virus. When the virus is executed, it will automatically sort the core malicious statements in the right
sequence and insert some 'junk statements' in between these malicious codes randomly. Thus, when it compiles and writes a new executable file on disk, a totally new virus is produced.
Using this technique to design a computer virus, the signature checking technique is useless for detection no matter how updated the virus pattern/definition files are. Moreover, each time
the virus spreads, the resulting executable file is likely to be a new virus that shares 0% similarity with the original virus.
This presentation will include Proof of Concept (POC) code samples written in C# .NET and a demonstration to show how 'breeding concept viruses' can escape detection.
The presentation will also include overviews of virus detection techniques, both signature and heuristic, and discuss some new ways to remove viruses more effectively.
About Sze Siong:
Teo Sze Siong started programming at the age of 12. Currently 20 years old, he is a student at Inti College Malaysia. His main interests in the computing fields are
network security, software architecture design and algorithm efficiency. His achievements include:
Year 1999/2000: ShadowX's DBE (ShadowX's Driver Backup Expert). A tool which gained popularity among Win9x users and spawned a Portuguese version with assistance of a
Brazilian. Full copyright with source code was sold a year later...
Year 2004: Securizer .NET AntiVirus won 3rd place in Microsoft's Imagine Cup 2004 (Malaysia Level). Currently, the enhanced version has been nominated to compete in the ongoing MSC APICTA
2004 (MSC Asia-Pacific ICT Awards 2004).
CHEW KEONG TAN - Vice-President SIG^2, Singapore
Presentation Title: Defeating Kernel Native API Hookers
Presentation Details:
Win32 Kernel Rootkits modify the behaviour of the system by Kernel Native API hooking.
This technique is typically implemented by modifying the entries within the kernel's System
Service Table. Such modification ensures that a detour function installed by the rootkit is
called prior to the original native API. The detour function usually calls the original native
API and modifies the output before returning the results to the user-space program. This
technique allows kernel rootkits to hide files, processes, and prevent termination of malicious
processes.
This paper gives a short introduction to the technique of Kernel Native API hooking, and
proposes a technique for defeating kernel rootkits that hook native APIs by Service Table
modification. The proposed technique restores the Service Table directly from user-space
and does not require a kernel driver to be loaded.
About Chew Keong:
Chew Keong is the current elected Vice-President of SIG^2, a
vendor-neutral, not-for-profit IT security special interest group in
Singapore. Besides his portfolio as the Vice-President of SIG^2, he also
leads the SIG^2's G-TEC lab. Using the lab, he pursues his interest in
reverse engineering, vulnerability research, exploit code development,
rootkit analysis, and device driver coding with his fellow enthusiasts.
His research has uncovered buffer overflow vulnerabilities in several
software, and he has developed techniques for disabling kernel rootkits
and security tools that rely on Win32 native API hooking.
Chew Keong holds a Master's Degree in Computer Networks from the
University of Essex (UK) and a Bachelor's Degree in Computer Science
from the National University of Singapore.
TOH SWEE HOE - General Manager, Monitoring and Enforcement Division, MCMC
Presentation Title: Information Network Security Issues in the Communications and Multimedia Industry
Presentation Details:
In issues of information and network security, the Malaysian communications and multimedia industry is guided by the 10th National Policy Objective of the Communications and Multimedia Act
1998 (Act 588), and that is, to ensure information security and network reliability and integrity. In the liberalized industry, network infrastructure in Malaysia is privately owned, and it
is thus imperative for network owners to ensure the security and reliability and integrity of the network so that consumers feel safe and have full confidence in its delivery. The converging
communications and multimedia industry and rapid technological changes have also posed new challenges to the security of the networks. The paper will discuss the issues surrounding the
communications and multimedia industry and the challenges. To address the challenges, the paper will highlight several of these initiatives that the MCMC is working on in addressing those
concerns.
About Toh Swee Hoe:
Mr Toh Swee Hoe is General Manager of the Monitoring and Enforcement Division at Malaysian Communications and Multimedia Commission.
Mr. Toh was previously involved in the planning and installation of radio microwave transmission, rural radiotelephone, and cellular mobile telephone systems before moving on in 1987
to the Regulatory Department of the Department of Telecommunications. He assumed the post of the Regional Director of Telecommunications in 1992 where he was tasked with the day to day
duties of coordination, monitoring, supervision and enforcement at the regional or state level of Sarawak. In April 1999, he joined the Malaysian Communications and Multimedia Commission and
was involved in network standards and interoperability development. He later moved on to do spectrum management, industry policy and regulatory review, before holding his current position.
ROBERTO PREATONI - Founder, Zone-H Defacement/Cybercrime Archive
Presentation Title: Asymmetric Warfare and Interception Revealed
Presentation Details:
An in-depth explanation of everything you've ever wanted to know about
how to evade interception and how you get intercepted anyway.
This presentation will cover a strategic (with a little technology) overview of
basic asymmetric warfare battle plans. Items that will be discussed include:
1) Types of interception implemented as of today and what will be implemented in the near future
2) Technology set up for National Security and Critical Infrastructure protection: Defensive and Offensive capabilities of the deployed Multi-Dimensional Asymmetric Warfare Array.
3) Examples of Governmental and Business implementations of the complete array or modules of the above
4) Potential impacts of such technology on both privacy and national security
5) Cyber attacks: an abstract built on Zone-H's experience
In detail:
1. The process of updating investigative procedure based on interception from voice to data: technological aspects and examples of judicial aspects
2. The beginning of data interception used to solve terrorism cases
3. Sensoring networks; asymmetric and symmetric sensoring from the standpoint of groups of nation states
4. Parametric interception:
- Basic concept
- What it is
- Uses and abuses
- Technology involved
- Reliability
- Usability in investigative procedure
- Examples of legal uses in court cases and judicial use
- Basic architecture in asymmetric and symmetric deployment (same nation state standpoint)
- Real cases
5. Injected interception:
- What is it
- Basic technology
- When to use it
- Usability in investigative procedure
- Can it be detected
- Real cases
6. Virus technology in the service of justice: an overview
7. Trojans
- Usability in investigative procedure
- Potentiality in sensored networks
- Real cases
8. Digimetric interception:
- What it is
- Uses and abuses
- Distributed use on asymmetric and symmetric sensored networks
9. Sensored networks and critical infrastructure protection:
- National security
- Asymmetric warfare and infowar
- Defence and uses in state of war
10. Cyber attacks: an abstract built on Zone-H's experience
About Roberto:
Roberto Preatoni (aka Sys64738), 37, is the founder of the defacement/cybercrime archive Zone-H (http://www.zone-h.org). He is also CEO of an
international ITsec company (Domina Security) which is active in European and former Soviet countries. He has been globetrotting, lecturing at several ITsec security
conferences, including Defcon in the US. He has been interviewed by several print and online newspapers, where he shares his experiences relating to cyberwar and cybercrimes.

SUKHDEV SINGH - Senior Security Consultant, ISS
Presentation Title: Protecting Your Business From Phishing Attacks
Presentation Details:
There are as many pitfalls in cyberspace as there are in the real world. Although phishing has been around for a while, new reports suggest that it is growing in volume. These scams try to
con people out of personal information, such as credit card numbers and bank security codes. Phishers set up websites resembling those run by legitimate companies. They lure people to these sites
using email that purportedly comes from big-name firms, making them look very credible to catch the victims off guard.
While phishing has historically consisted of attacks aimed at individual consumers, some phishing attacks trick recipients into installing malicious software, or malware. One recent phishing
attack instructed recipients to download a patch for their operating system. In reality, the "patch" installed a back door into the system for later use by a hacker.
About Sukhdev Singh:
Mr Sukhdev Singh, Senior Security Consultant of Internet Security Systems (ISS), has 9 years of experience in security consulting practices. Sukhdev's expertise
includes information security architecture planning, security policy & practices review, security incident response, security risk assessment and management.
Sukhdev has been instrumental in designing and deploying the security infrastructure of enterprises and
government agencies in the region, including Singapore, South-East Asia, New Zealand and Pakistan.
Besides having attained certification as a BS7799 Lead Auditor and Certified Information Systems Security Professional (CISSP), Sukhdev is also a Certified Professional Trainer and actively
conducts information security training for enterprises and financial institutions across the region. Occasionally, Sukhdev represents ISS to speak at public security conferences and seminars.