Back to the Roots - Incident Case StudyReturn to TOC presented at FIRST 2014

by Mikko Karikytö,

Summary : Mikko Karikytö is leading the Ericsson Product Security Incident Response Team, PSIRT. Ericsson PSIRT is responsible of vulnerability management and security incident response for Ericsson products.
In the era of cyber security and cyber war, 50 billion connections, internet of things and clouds, one would expect that incident response and resolution have travelled far away from its roots. As nice as it would be to work with new technologies, new threats and new types of incidents, the truth out there is much more brutal. Instead of swiping around like Tom Cruise in Minority Report, we are back to the basics what comes to incident coordination, findings and root causes for incidents.
In this presentation we will have a case study of an incident which shows that we still need to work with very basics of the security. No matter where the market around is travelling, it boils down to lack of hardening of the nodes, lack of security policies and procedures, unclear O&M processes and ultimately nobody taking responsibility on security.
Cost of an incident: huge
Cost of putting in place security controls afterwards: too much
Frustration level of a security professional: enormous
Did Snowden help to build security awareness: no – not really
We will tell you why.