Monthly Archives: April 2018

Cyber Security Summer School 2018: “Maritime Cyber Security”

11-15 June 2018, Tallinn, ESTONIA, Estonian Maritime Academy

This year’s Cyber Security Summer School will focus on maritime cyber security. With experts from maritime sector, marine technology industries and cyber security establishments, the Summer School will give an overview of the tools and communications used in shipping industry, discuss their vulnerabilities and also introduce new trends in autonomous shipping and its dangers and risks.

Program
MONDAY, June 11th
8:00-9:00 Registration. Breakfast
09:00 Welcoming words and opening of Summer School by Organizers
10:00 Opening keynotes: TBD
12:00 Lunch
13:00 – 15:30 (room I) Track 1: Traditional maritime communication and navigation methods for Cyber Security Students (including GPS spoofing, Navigation messages, AIS etc).
13:00 – 15:30 (room II) Track 2: Ship Hacking Demo & introduction to cyber security for seafarers.
15:30 Coffee break
16:00 – 16:45 Practical exercises (e.g., HF call interception)
16:45 – 17:00 Feedback and closure for the first day

TUESDAY, June 12th
09:00 Breakfast
09:30 Modern methods – autonomous ship, sat voms, loT by D4V team
12:00 Lunch
13:00 Afternoon at Mektory joint event with Cyber Spike Competition. Tour in Mektory
14:00 Human factors & OSINT by Jenny Radcliffe & Lisa Forte
15:15 Panel Discussion on Maritime Cyber Security by Jeff Moulton and Jenny Radcliffe
16:00 Winners of CyberSpike and cake by Birgy Lorenz

WEDNESDAY, June 13th
09:00 Breakfast
A broader look at other sectors with experience:
09:30 Car hacking & forensics
10:15 Cyber Security in Aviation and joint efforts to secure the transportation industry from a regulator perspective by Gerry NGU EASA & European Centre for Cybersecurity in Aviation (ECCSA).
10:45 Coffee Break
11:00 Real-world malware stories by Anders Carlsson & Alex
12:00 Lunch
13:00 Political and cyber-warfare aspects of maritime cyber security by Joe Burton
14:30 Coffee break
15:00 Fake-GPS and Fake-Nav-chart attacks
15:30 TBD by Jeff Moulton
16:00 Practical exercise: cyber warfare exercise preparation by Mentors
19:00 Gala dinner

THURSDAY, June 14th
09: 00 Breakfast
09:30 Practical exercises in EMERA simulators
12:00 Lunch
13:00 Practical exercises in EMERA simulators
15:00 Coffee break
15:30 Practical exercises in EMERA simulators
16:30 Feedback and discussion by Organizers

FRIDAY, June 15th
09:00 Breakfast
09:30 Friendly student competition in EMERA simulators. Mentors
12:00 Lunch
13:00 – 14:00 Feedback and conclusions of the summer school by organizers

Links:
http://www.studyitin.ee/c3s2018/

Interdisciplinary Cyber Research (ICR) workshop 2018


9th of June, 2018 — Tallinn, Estonia

The aim of the workshop is to bring together young as well as established scholars undertaking research in various disciplines related to information and communication technologies such as computer sciences, political and social sciences, and law.

You can participate as a speaker (submitting an abstract+delivering a presentation) or simply join our wonderful audience. Speakers are requested to submit a 1000-word abstract.

Timeline:
Call for abstracts deadline: 9 April 2018 at Easychair
Notification of authors: 16 April 2018
Registration open until: 4 June 2018

Keynotes:
Head of Computer Emergency Response at University of Cambridge Mr Kieren Nicolas Lovell – “Command, Control & Communications within Cyber Incidents”

ICR2018 registration is open until 4th of June 2018: (be sure to register early, both last years’ events have been fully booked)

Links:
http://cybercentre.cs.ttu.ee/icr2018/

ID card “The Lessons We Learned” conference

Estonian Information System Authority (RIA) is organising an international conference on 9th of May in 2018 in Tallinn (Tallinn Creative Hub – Kultuurikatel) to discuss the impact and consequences of the security risk found in the Infineon chips in autumn 2017 by the researchers at Masaryk University in the Czech Republic.

The aim of this conference is to bring together parties affected by the security risk to discuss our lessons, experiences and responsibility, because the security flaw affected many companies and countries in Europe as well as elsewhere in the world. If possible, we aim to agree on a joint plan of follow-up activities or a memorandum to provide input to different authorities who establish regulative rules. Researchers from Masaryk University have announced their participation in the conference – they will make an opening presentation about their research.

The conference is aimed at policymakers as well as specialists in the eID field, opinion leaders, representatives of authorities and companies that are dependent on the functioning of Estonian ID-cards and e-services, developers of e-government and IT systems, and other parties related to the issue from both Estonia and Europe.

Agenda:
09.30-10.00 Delegate registration opens. Welcome coffee
10.00-11.30 Welcome and Opening of the Conference / Session 1
• Welcome speech by the Prime Minister Jüri Ratas
• The goal of the research (ROCA vulnerability ) – Petr Svenda, the University of Masaryk
• The global influence and the distinctness on Estonian ID-card and its use – Taimar Peterkop, the head of Information System Authority
• The examples of actions of different countries – Ulrich Latzenhofer, Austrian Regulatory Authority for Broadcasting and Telecommunications
11.30-12.00 Coffee break
12.00-13.30 Session 2
• Lessons we learned (Estonia) – Rain Ottis, Tallinn University of Technology
• Discussion „What went wrong? What can we do better in the future? Expert panel, lead by Rain Ottis.
13.30-14.30 Lunch
14.30-16.00 Session 3
• eIDAS perspective of the ROCA vulnerability – Marnix Dekker, ENISA
• Open risk management – Ilmar Raag, film editor
• The lessons we learned (global) – Liisa Past, Information System Authority, analyst
16.00-16.30 Conference conclusion by moderator Andres Kütt
16.30-17.30 Goodbye coffee and networking

Links:
https://lessonslearned.publicon.ee/conference-agenda/

Study on the lifecycle of cryptographic algorithms 2017

This year we have ordered and will publish cryptographic algorithms life cycle report in parts. The first part is now available.

The first and the most important chapter gives overview of the current state of algorithms.

The second chapter writes about the cryptographic side of the last fall ID card crisis. The report describes what happened, what was done and how on the cryptographic side the new solution (elliptic curves) for ID cards works.

The third chapter gives overview of block-chain technologies and in addition provides Estonian-language terminology for block-chain related English terms.

The report has been ordered by RIA and written by Cybernetica researchers Ahto Buldas, Jan Willemson and Arne Ansper.

Links:
https://blog.ria.ee/ria-kruptouuring-id-kaart-ja-plokiahelad/
https://www.ria.ee/public/RIA/kruptograafiliste_algoritmide_elutsukli_uuring_2017.pdf
https://geenius.ee/uudis/nsa-usub-et-eesti-id-kaart-peaks-vastu-pidama-ka-kvantarvuti-runnakule/