[BSL2023] Internet Hijacks, still in the wild west era - Carlos Friaças
HTML-код
- Опубликовано: 28 ноя 2024
- What is an hijack? What is a leak? Which technologies are already available to prevent real impact? Why do people keep on announcing IP networks that don’t belong to them or their customers?
This talk will go through some historic hijacks, and will mainly focus on cases originated in Portugal - one which is recent and low-profile, the other which lasted several years and was largely publicized when was uncovered.
While this netsec related topic is usually not on daily cybersec news, hijacks still happen everyday, even if their scope can sometimes be limited. This talk also intends to describe cases where this type of attack can be explored.
The Internet was built over confidence between multiple parties. It is widely recognized times changed, however, one of the core Internet protocols - bgp, border gateway protocol - is still greatly abused, despite all extensions and standardization efforts to improve it. The main aim of this talk is to provide the audience with awareness about routing hijacks, and how it can leverage certain types of attacks. It also intends to unveil largely insecure practices between network operators. In the scope of FIRST’s netsec-sig a proposal is being prepared to reduce the attack surface for hijackers. FIRST is the forum of incident response and security teams.
ABOUT THE SPEAKER:
Carlos Friaças is the Head of RCTS CERT at FCCN, a Unit of FCT.
Carlos has graduated in Computer Science at the University of Lisbon in 1999.
He was a Systems Engineer at University of Lisbon from 1996 to 2000 (with a short spell at FCCN, working for the Portuguese Schools’ Network Team and the ccTLD .PT).
He managed the Portuguese Internet Exchange (Gigapix), while contributing to the Networking Team, responsible for AS1930 until late 2015. Since 2001 he manages the Local Internet Registry for FCCN.
During 15 years Carlos was involved in several European Projects, namely GÉANT, 6NET, 6DISS, 6DEPLOY and IPv6-TF-SC. Over the years Carlos has delivered IPv6 courses (around Europe and Portuguese speaking countries in Africa) and also some talks at TERENA Networking Conferences and RIPE meetings.
Since late 2015 he moved into CyberSecurity, taking a leadership role at RCTS CERT, the Portuguese R&E Network’s Computer Emergency Response Team. He was the manager of LinhaAlerta between 2016 and 2018, and represented FCCN at the INHOPE Association. Carlos was the Chairman of the Portuguese National CSIRT Network General Assembly in 2017 and 2018, and served as a member of its Executive Committee in 2021 and 2022.
![[BSL2023] Incident Response in Cases of Supply Chain Incidents - Lucas Ferreira](http://i.ytimg.com/vi/y0z0i61df7c/mqdefault.jpg)
![[BSL2023] Incident Response in Cases of Supply Chain Incidents - Lucas Ferreira](/img/tr.png)
![[BSL2023] The Hype and Reality of Using LLMs for Cybersecurity - Tiago Henriques (Balgan)](http://i.ytimg.com/vi/_-HLHcbTRt4/mqdefault.jpg)
![[BSL2023] Dirty Stream Attack, turning Android share targets (...) - Dimitrios Valsamaras](http://i.ytimg.com/vi/5QsHrAQC3OQ/mqdefault.jpg)
![[BSL2024] Inside Google’s Discovery & Remediation of a Critical CPU Vulnerability - Yousif Hussin](/img/1.gif)