Thinking from #DPCCyber, I wish IT in more institutions would be more transparent about how many cyber attacks they deal with. We get training on phishing attacks, but we don’t ever receive information about how many attacks are received (and hopefully thwarted). Making clear that you’re facing cyber security threats and managing them instills more trust than being a black box…
Klaus Rechert at #DPCCyber on some of the advantages but also risks of #virtualization and #emulation. Even where the risks are well managed, a challenge may be how to provide meaningful access to users without compromising security.
#emulation #virtualization #DPCcyber
"Users are dangerous, by definition" says Klaus Rechert at #DPCcyber
Yes they are!
But also kind of necessary, I suppose. :-D
The evils we live with.
"clean" Polyglots in the wild - examples given by @Ange at #DPCcyber:
- hybrid ISOs (ISO & MBR)
- self-extracting archives (executable+archive)
- hybrid PDF #wtfPDF (PDFs with embedded OpenOffice doc)
Check out ange's MITRA tool for some polyglot generation:
https://github.com/corkami/mitra
How can we improve security? #DPCcyber
David Batho says:
- know your infrastructure: what are critical assets?
- KNOW YOUR BACKUPS! ensure you have robust backup & recovery methods
- ensure vulnerability & patch management policies are in place
- ensure logging & monitoring of key services are in place (early detection)
- use defence in depth --> multi-factor (incl. consistent anti-virus; awareness training of staff & students)
...it all sounds like a no-brainer but it's so often neglected.
Attacks on Education UK sector in 2022: #DPCcyber
(...)
Q3:
- 3 major incidents (Microsoft Exchange server compromise)
- 62 DDoS attacks targeting 24 insts
Q4:
- 5 major cyber incidents (2 FE unable to operate, HE disruption to service & BAU, student & business data exposed)
Attacks on Education UK sector in 2022: #DPCcyber
Q1:
- 4 major incidents (ransomware attacks, all via insecure remote access services)
- 84 DDoS attacks targeting 37 insts
Q2:
- 8 major incidents (remote access, unpatched critical vulnerabilities, absent multi-factor authentication)
- 85 DDoS attacks targeting 28 insts
(...)
"you're never going to detect a threat or an attack if you don't have effective monitoring" says David Batho at #DPCcyber
Another great parallel to digital preservation. The resistance I often hear when it comes to monitoring continues to baffle me.
ransomware dates back to 1980s, became widespread in 2000s; main route to compromise is still phishing and social engineering; common forms are scareware, encrypting and screen locking
#DPCcyber
David Batho at #DPCcyber: Increase of cyber crime during COVID pandemic has seen a 600% increase! 90% of cyber attacks start from a phishing incident. 3.1 billion phishing emails are sent EVERY DAY. In 2022 there was a ransomware attack every 11 seconds ... not by script kiddies, but well-trained and highly skilled experts who know how to move quickly in organizations.
Education is now one of the most targeted sectors.
Listening to these #DPCcyber presentations makes me regret my career choice .... should have gone the pen testing route ;-P
Tim Gollins considers Ransomware the currently overwhelmingly biggest security and preservation risk we have today.
Curious if people agree.
At #DPCcyber Tim Gollins is talking about "The A's of Computer Security" in the 1980s, the concepts that cyber security was centered on for a long time:
- Authentication -> proving who you are
- Authorization -> proving you have right
- Access Control -> allowing you to get to information
- Availability -> you can get information when you need it
- Audit -> recording what you did and when
- Assurance -> gaining confidence in the functionality
- Accreditation -> demonstrating things are secure
And tomorrow, 16 Dec, we'll be continuing the #DPCcyber conversation with a Watch Party and live discussion from 1300-1500 AEDT/UTC+11.
https://www.dpconline.org/events/eventdetail/85/-/cybersecurity-and-digital-preservation-watch-party
This afternoon, we're getting ready to welcome participants and speakers along to our much anticipated #DigitalPreservation & Cyber Security Event which starts in less than 1 hour at 1400 UTC.
Follow along using #DPCcyber:
https://www.dpconline.org/events/eventdetail/63/-/cyber-security-and-digital-preservation #digipres
#digipres #DPCcyber #digitalpreservation