14:30 - 14:45 Registration and Networking Time
14:45 - 15:30 Featured Talk - The strategy and tactics of the latest APT attacks in Hong Kong and conceptual illustration of a defensive solution for not well-funded organizations (by Mr. Frankie Li)
15:30 - 15:45 Q & A
15:45 - 16:00 Break
16:00 - 17:00 AGM & EXCO Election
Featured Talk - Abstract
In Jan 2013, Benny Tai, Associate Professor at the HKU, published an article in a local newspaper in which he proposed an act of civil disobedience to be carried out in Central, to put pressure on the government to make universally accepted proposals for democracy. A civic group “Occupy Central with Love and Peace” (OCLP or 佔領中環 or 佔中) was established. This topic encouraged various political parties, universities, news media, student unions, NGOs and individuals to express opinions on various Internet platforms. Sophisticated cyber attacks, including APT (Advanced Persistent Threat) and watering hole attacks, were found on various IT platforms.
Based on the samples collected, the speaker will share the details of the attacks, illustrate the strategy and tactics behind them, and give recommendations on installing an affordable defensive sensor system for organizations that are not well funded.
Mr. Frankie Li (aka Ran2) is an independent researcher specializing in computer forensics and malware analysis. His current research is APT Malware Attribution and making use of open source big data to identify possible malicious adversaries. He is a member of the Information Security and Forensics Society (ISFS), the Professional Internet Security Association (PISA), the International High Technology Crime Investigation Association (HTCIA) and the Honeynet Project, Hong Kong Chapter. He is a part-time lecturer for Digital Forensics classes offered by HKU SPACE and a mentor for SANS Institute's malware and forensics classes offered in Hong Kong. He is also a speaker at Black Hat USA 2014 and HITCON 2014. Ran2 holds a master's degree of ECom/IComp from The University of Hong Kong. He also holds several industry designations, including Certified Information Systems Security Professional (CISSP), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA) and GIAC Reverse Engineering Malware (GREM).