Techdays 2013, The new oil is unprotected

When you dive into a dark theater on the first sunny day after a the darkest winter you've ever seen it better be good, and it was. First day schedules deep dives on ALM, security, SharePoint and Exchange. Not my favorites at first glance until I admitted I need the ALM testing cycle and I figured out there's only one way to learn security and that's how to break in. And which techy didn't dream of being the authority deifying hacker, breaking through NSA's security while being distracted by incredibly gorgeous women. I admit I did. But I never did see myself as an actual hacker. Somehow it all seemed too mathematical  unrealistic and complicated. And after seeing this morning sessions, I wish it was. I knew today's hackers were actually trained professionals, often military but I at least suspected it to be mathematical, unrealistic and complicated and I learned it's not.

Paula "never thrust a blond" Januszkiewicz, ruled on techdays 2013!

How do they do it? Well first they need to get their foot through the door. This often requires some "social engineering" which might feel like cheating to the hard core engineers but admit; how hard can it be to get a random secretary to open a perfectly honest, but urgent looking word or excel file. And rest assure, after this little mistake the floodgates are open. I won't get into details but they will. Enjoy I did.

On a final note, don't (always) blame the Chinese. Yes they are the guilty ones in many series and in the infamous Mandiant report. But many nations keep binary soldiers (Remember Stuxnet ?) and they should. Information is the new oil and as it seems, it's virtually unprotected.