Judging from the keynote speakers at the ITWeb Security Summit 2015, to be safe from the cyber world one would have to find an island with a single palm tree for shade to be safe from people trying to monitor your every movement and steal whatever is on the device you may carry.
Willem Binney, a former NSA director, said that the US National Security Agency is collecting information on everyone in the world.
Binney plans to go around the world and explain what the material released by Edward Snowden really means and how it affects the internet worldwide. According to Binney, this is based on his understanding of how the NSA works.
He said the NSA is seeking to map everybody in the electronic world, so any electronic transaction can be used, stored and manipulated. Binney stated that the NSA is very good at collecting and storing data, but is very bad at analysing it, because the organisation collects everything.
Binney also revealed how the agency spies on the internet by tapping into fibre networks around the world.
He said that a collection device would be put at the intersection of multiple fibres where most data can be collected – getting the most “bang for your buck”. He added that 80% of fibre in the world is either in, or passing through, the US.
The second keynote speaker was Roger Dingledine – president, director and co-founder of the Tor Project. He provided some reassurance, stating that with Tor you can protect yourself against your location and movement being tracked.
This free software and open network helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities, relationships, and state security.
He said that Tor protects by bouncing your communications around a distributed network of relays run by volunteers from all over the world.
It prevents somebody watching your internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.
Verner Fryer, chief technology security officer at Vodacom, provided an overview of the cyber threat landscape in Africa and gave an insight into the daily attack patterns in South Africa.
He spoke of denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks, which are attempts to make a machine or network resource unavailable to its intended users.
Vodacom has started a separate group, the Cyber Intelligence Gathering group, which is looking at data gathered over the past six years to identify the security trends which could assist them in speedily identifying security issues in the future.
On Thursday 21 May Vodacom saw a huge spike in their traffic. This is claimed to be the largest DDos attack seen in South Africa to date. According to Fryer, it appeared like a normal malware attack but the size of the files made the company suspicious.
Vodacom was able to divert the traffic, clean the files and so avoided any impact on the network.
With all that that is being done by your networks and security software, perhaps the island with one palm tree for shade is the ultimate solution!