Cybersecurity Symposium at LACNIC 31
The Regional Conference of the Global Forum of Incident Response and Security Teams (FIRST) brought together a large number of experts and professionals to analyze the cybersecurity situation in Latin America and the Caribbean.
The FIRST Regional Symposium was organized jointly by LACNIC and CERT.br within the framework of the LACNIC 31 meeting in Punta Cana. This Symposium was held over three days and was attended by more than 40 participants.
The first day of activities was dedicated to a plenary session that included nine presentations and the discussion of topics related to security incident management, new trends in cyberattacks, and new tools for their detection. Courses were offered on the second and third days of the Symposium to strengthen the computer security response capacity of the region’s professionals.
Graciela Martínez, Head of LACNIC WARP, noted that the FIRST symposium is one of the most important security events in the region. “LACNIC, with the support of CERT.br, makes a great effort to offer its members the chance to learn from outstanding cybersecurity professionals,” added Martinez.
Professionals representing different CERTs/CSIRTs from around the region participated in the Symposium, as well as representatives Caixabank and INCIBE (Spain), international organizations such as ABUSIX, SPAMHAUS, TRUXGO, ThreatSTOP, and members of the Internet Society and the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG).
Incidents are on the rise. According to the reports presented at the FIRST meeting, there was a 10% increase in botnet attacks (computer robots that can be executed autonomously and automatically) and their focus was mainly on stealing user credentials for the purpose of committing economic fraud.
According to the experts, phishing (identity theft) also remained among the most common forms of fraud. “The statistics presented at the FIRST meeting match what we are seeing at the WARP in our own statistics,” Martinez said.
The speakers alerted of an increase in the registration of domain names that are then used to commit fraud and pointed out that e-mail messages are still a tool commonly used for sending malware (malicious programs that seek to affect computers).
Training. The symposium also included two days of training presented by Javier Berciano, head of INCIBE-CERT and member of the FIRST Board.
Berciano addressed the fundamentals of Distributed Denial of Service (DDoS) attack mitigation, different types of attacks, how to prevent them, and the role that the collaboration among organizations plays when these incidents occur. He also offered training on the fundamentals of network forensics, instructing participants on how to collect evidence and prepare analyses and incident reports.
Meeting of Latin American and Caribbean Computer Security Incident Response Teams
The regional LAC-CSIRT community also held its meeting in Punta Cana within the framework of the LACNIC 31 event. Different regional CSIRTs shared their progress and current projects, while several professionals who are in the process of creating their own CSIRTs took advantage of the opportunity to ask for information and advice from several participants with great expertise in the creation and operation of incident response teams.