Time to get to the venue, hang your coat, get your badge and get some coffee or tea.

Time to get to the venue, hang your coat, get your badge and get some coffee or tea.

Opening of WICCON2024

In the Netherlands we have a long standing tradition of voting using the red pencil and paper. But historically we have had a good decade where we voted using votingmachines/computers.

The reason we went back to the paper way has everything to do with some very critical hackers. The result of their important work and effort is still relevant today.

In this talk you will learn a little bit about the history of votingmachines in the Netherlands, what hackers had to do with them and what the challenges are that we face when trying to digitalize the voting proces.

Serious game expert Nancy Beers and Karen Sikkema will show you the super power of using games and playfulness to raise security awareness and use playfulness as an educational tool.

During Emily Jacometti's demo at Wiccon, you’ll walk away with key takeaways, including:
- A deep understanding of HackShield’s mission and how it positively impacts digital safety for children.
- Insights into how gamification and storytelling can make education fun and engaging.
- Practical steps on how to become a guest teacher and contribute to the movement.
- A clear vision of how HackShield is creating societal change and fostering future talent in tech.
Don't miss the chance to learn how you can be part of this impactful initiative!

Imagine facing a list of the most commonly used malware variants for initial access. As the Dutch Police, where would you begin your investigation? In this talk, I will guide you through one of the investigations from Operation Endgame, where we began with just the name of the malware: IcedID. I will illustrate the complexities involved in tracking and dismantling the malware infrastructure, as well as apprehending the cybercriminals behind it.

Prepare for a dynamic and engaging presentation by two field specialists (Diana Makienko: Business Information Security Officer (BISO) at Swift and Lucile Renhas: Insider Risk Consultant at Signpost Six). This session will blend theoretical insights, academic studies, and real-life examples to provide a comprehensive understanding of insider risk. Attendees will uncover hidden risks within their organisation and learn how to effectively combat insider threats. This session will equip them with the knowledge and tools to enhance their organisation's resilience, ensuring a holistic approach to security.

Lunch

Lunch

Explore the art of incident response. Join our D&D-style campaign to thwart the Cryptic Sorceress, recover the crown jewels, and gain resilience in the face of digital calamity.
There will be a bit of humor and silliness, unexpected twists and turns and opportunity to learn a lot about incident response.
But beware - victory isn’t guaranteed.

Neurodiversity as your superpower.

In this talk we’ll examine Apple’s AirDrop functionality from a forensic perspective. We will look at the various forensic artefacts an AirDrop file transfer creates, including unified logs, file metadata, extended attributes and the quarantine database, as well as how to find and analyse them. We will also discuss some of the privacy & security concerns regarding the protocol behind AirDrop.

Achieving lasting behavioural change is crucial for reducing the human risk element in cybersecurity. However, many decision-makers in cybersecurity are ill-equipped to identify which buttons to push to foster truly cyber-safe behaviour. In presentation, based on research involving over 6,000 employees and insights from the human risk management movement, I challenge the gut feelings that often inform behaviour programs and advocate for a measurement-driven approach to inform interventions. I willl provide practical advice for implementing this approach, including the use of user experience tests, questionnaires, and existing data sources. These tools can inform decisions about effective behavioural interventions. By shifting from intuition to evidence, we can fortify the human element in cybersecurity more effectively.

Break

Break

Education about hazardous substances doesn’t have to be dull—it can be engaging and fun! In this interactive session, discover how "100 Ways to Die at Work", a serious game, tackles critical safety issues in an innovative way: Protect your co-workers, ensure your own safety, and learn about hazard symbols, all at the same time.

The Cyber Resilience Act is an upcoming EU cybersecurity legislation. It is designed to make sure products with digital elements are developed more securely, ultimately protecting consumers all over Europe. It supplements the existing legal framework for the CE mark (EU declaration of conformity) for security properties. The Cyber Resilience Act marks the first-ever EU-wide legislation of its kind, mandating cybersecurity requirements for both hardware and software products throughout their entire life cycle. This presentation will give an overview of everything you need to know now about the regulation.

Dutch Hacker Camp culture is deeply rooted in the ethos of openness, collaboration, and exploration. These camps are typically organized by volunteers from various hacker and maker communities in the Netherlands and attract participants from all over the world who are interested in technology, hacking, DIY culture, and digital freedom.
They have a rich history and in this talk, an overview of this history is given .

How do you handle dilemmas in information security? Test your knowledge and decision-making skills with our Conversation Starter game, where you'll face challenging scenarios designed to put your critical thinking and information security skills to the test.

Despite the array of incentives—from subsidies and grants to regulations, DARPA challenges, and X Prizes—cybersecurity remains a persistent and evolving problem. With so many efforts aimed at fixing the vulnerabilities in our digital landscape, why do we still struggle to get it right?

Networking dinner and a little party

Time to get to the venue, hang your coat and get some coffee or tea.

Time to get to the venue, hang your coat and get some coffee or tea.

Step into the world of Industrial Control Systems (ICS) with our immersive workshop designed for cybersecurity enthusiasts and professionals. This hands-on session provides a foundational introduction to ICS and protocols.

The EU wants to address digital CSAM (Child Sexual Abuse Material). Their ideas of getting rid of it direct us into a minefield of problems, as the current plans would lead to an unparalleled surveillance of 450 million EU citizens, while it is not clear what it can bring.
It is a topic that seems to contrast the protection of privacy versus the protection of children. But is that really the case? And are there other solutions?

Nowadays container technology has become a key component of modern software development and deployment practices. In this talk, we will talk about how containers work, what are the security risks that come with them, and how to address these.
No specific background required in order to follow this presentation :)

In the presentation "Running Forward: Year 1 of Building a CTI capability for a Sportswear Brand" Jennifer Wennekers will discuss ASICS' ongoing Cyber Threat Intelligence (CTI) journey, including the evolution of their CTI capability, challenges, opportunities, stakeholder management, technology, and future plans.

In 2024, we have an extensive archive of cyber-related incidents illustrating the various forms of attacks that organizations and individuals face daily. Few things for veterans in the cyber domain can be considered 'surprising' or 'shocking,' and many believe not even AI is going to rock the boat. Cybercrime is, after all, an evolution, not a revolution, and at its core, we recognize its DNA. However, the advent of generative AI introduces unprecedented challenges in both scale and complexity, particularly in the realm of impersonation fraud and identity theft.

This presentation aims to delve into how generative AI, with its ability to create highly convincing deepfakes and clone voices, is revolutionizing financial identity theft. We will explore what countermeasures, if any, are already being taken and how we can avoid situations where victims bear the reverse burden of proof. Drawing on my previous research into the facilitating factors of financial identity theft, I will examine how AI complicates an already complex issue and discuss potential strategies to mitigate these emerging threats.

Business continuity is a discipline where SRE and Security meet: they both care about mitigating risks and keeping services available and secure. Whereas it’s often clear how to engineers respond to and manage incident, disasters that threaten a business’ ability to operate their core functions (luckily) don’t occur that frequently and often involve a different group of decision makers. To improve any organization’s resiliency, it’s advisable to run business continuity drills without breaking all applications for our users: this is where simulations and tabletop drills can help you out.

In this talk, Janna will share her experiences in creating and running a business continuity drill as a joint effort by Security and SRE teams at WeTransfer. She will share a step-by-step guide for creating a tabletop business continuity drill, including real-life examples, and what her team learned along the way. This way, the audience will leave with the knowledge required to become game masters of their own drills.

Lunch

Lunch

The proposed talk will focus on cybersecurity within the maritime industry and its intricate ties to
Industrial Control Systems (ICS) domains. This session will dissect the essence of cybersecurity for
ships, covering the spectrum from understanding threats and actual cyber attacks to fortifying
networks, implementing risk management strategies, and offering actionable recommendations.
We'll delve into the specifics, examining the unique challenges faced in securing maritime networks
against unauthorized access and potential breaches. Additionally, we'll explore comprehensive risk
management tactics tailored specifically for maritime operations, emphasizing the importance of
proactive measures to address cybersecurity threats effectively.
A highlight of this talk will be a compelling case study illustrating the intricacies of threat modeling
for a cruise ship. By dissecting vulnerabilities and devising preventive measures, attendees will gain a
tangible understanding of enhancing onboard security measures.
Moreover, our discussion will extend beyond the maritime sphere, exploring the interconnected
nature of cybersecurity across various ICS industries. Understanding these connections is pivotal in
comprehending the broader implications and implementing collaborative strategies for a robust
cybersecurity framework.

At The Hague, the city of peach & justice, (cyber) security is very important to keep the information and citizens of The Hague safe. Since 2017 we organize a hacking competition called Hâck The Hague.

The Dutch Electoral Council has gathered a team of nerds who are developing new election software, named Abacus, to support the process of counting votes during Dutch elections. This talk will focus on the security challenges and threats associated with the software itself and the process of determining election results. What can go wrong and what can we do about it?

In today's digital landscape, application security is crucial for safeguarding sensitive data and maintaining user trust. Without a robust AppSec program, or with one poorly implemented, chaos can ensue, leading to vulnerabilities and breaches. This talk explores our journey of establishing an AppSec program from the ground up. We will share the valuable lessons we learned along the way, detailing the obstacles we overcame and the cultural challenges we faced. Join us as we present real-world examples and best practices, offering practical guidance to help you navigate similar challenges and build a resilient AppSec program.

Break

Break

The most relevant intel is intel which applies directly to our environment. It's also the most neglected source of intel. It has become my favourite subject during last few years.

Is Telegram the new Dark Web? That is the main question during this interactive presentation. Due to specific functionalities, Telegram has developed into much more than a chat application and this has not gone unnoticed by criminals. Partly due to the strict privacy and security options and the extensive options for group chats, the use of Telegram has not only increased exponentially, but there has also been a strong growth in criminal activities on Telegram. In this interactive presentation we will take you through the dark sides of Telegram, full of drugs, weapons and more, using concrete examples. During this interactive presentation we not only provide an insight into the criminal activities that take place on Telegram, we would also like to discuss the practical and legal possibilities and limitations for investigation by Law Enforcement. We challenge you to share your thoughts about possible solutions to reduce criminal activities on Telegram.

Network monitoring is standard practice in the corporate IT world, but what about monitoring industrial process networks? These networks operate factories, control energy grids, water dikes and support other essential aspects of our modern life and yet they often lag in security. In this session, we’ll dive into the deployment of ICS (Industrial Control Systems) monitoring solutions, the challenges we often face, lessons learned and of course what to look for once we gain the visibility!

If an attacker could execute arbitrary policies on a policy engine, would that pose a danger? Turns out, the answer is yes. Policy engines are crucial for enforcing compliance and security rules within business-critical processes, including Infrastructure-as-Code (IaC) deployments and Kubernetes operations. Our research focused on inherent risks associated with popular policy-as-code and IaC domain-specific languages (DSLs): OPA's Rego language and Terraform's Hashicorp Configuration Language (HCL).

In this talk, we will explore and demonstrate malicious techniques targeting these DSLs, including novel methods such as DNS tunneling discovered during our research. We will discuss the adoption of these techniques by attackers and evaluate the effectiveness of current scanning tools against them.

Finally, we will conclude by providing practical detection rules and best practices to safeguard PaC and IaC environments against such risks.

The closing of WICCON

Friday afternoon networking drinks and some snacks