hack.lu 2023

Raiders of the Lost Arts
2023-10-19 , Salle Europe

Using outdated technologies and old methods to sabotage and engage companies and what can be done about it


Vintage clothing, computers from the 80s, vinyl and retro-games are all the rage: everything that was once old and outdated is making a comeback. Surely we infosec folk are unaffected by such trends. Aren't we at the bleeding edge of the future, protecting our assets with expensive vendors solution that declare their effectiveness with proper buzzwords; Real-Time, Cloud Based and Always On?

Unfortunately, this does not seem to be the case. Sure, some modern problems have been addressed, but old and sometimes even ancient attacks persist. Some of them don't show up in your logs, and some are difficult to defend against, assuming you are even looking for them.

Can you DDoS a company by sending letters? How much revenue will you lose if the neighboring building receives an unexpected package? Who really gets into trouble when you drop a few USB sticks in the parking lot?

Lean back and enjoy an overview of the dangers of unencrypted, unauthenticated protocols, exploitation of human expectations, sabotage and how to spot if someone on the inside is trying to ruin your day without even touching their computer.

Stefan works for the Internet Security Team at German company DATEV eG. He started messing with computers in the 80s and turned it into a job as a programmer in the early 90s. Since 2000 he has been securing networks and computers for various enterprises in Germany and Scotland. His main focus nowadays is security research, raising security awareness, coming up with creative solutions to security problems and discussing new ideas concerning threat mitigation. When not trying to do any of the stuff mentioned above, he is either travelling, producing hacker music and other electronic beats or gardening.