Mirosław Maj has worked for NASK – the Research and Academic Computer Network – since 1995. Between 1996 and 1999 he was a member of the NASK Security Team. Simultaneously, he has been a member of CERT Polska since 1996, and in 2001 became the head of the team.

Mirosław Maj has performed the roles of organizer and lecturer in many conferences on IT security in Poland. He has initiated an awareness portal focusing on security issues, www.cert.pl, and a platform for cooperation among security teams of Polish ISP operators and web portals.

He has published several articles on IT security, especially statistics concerning security incidents and protection of critical IT infrastructures.

For many years he has been actively engaged in international cooperation among incident response teams, including his roles as a many-time member of the programme committee of the FIRST (Forum of Incident Response and Security Teams) conferences and a representative of CERT Polska in TERENA’s (Trans-European Research and Education Networking Association) initiatives: TF-CSIRT and Trusted Introducer. Since 2004 Mirosław Maj has performed the role of the Polish Liaison Officer of ENISA (European Network Information Security Agency) and has been a member of ENISA’s expert group for cooperation among incident response teams such as CERT.


ABSTRACTS

29 September, Tuesday, 14.45 - 17.00

Parallel session: Discussion panel - Blocking illegal content on the Interent - the role of ISPs

As the problem of illegal Internet content gains in importance, the debate concerning the means aimed at limiting that phenomenon is developing too. It has become evident in the course of that fight that actions need to be undertaken to eliminate illegal websites from the Internet. Actions of this type have to some time been carried out mainly through a network of the so-called hotlines. Practice indicates, however, that despite being incredibly important and useful, such actions prove to be by far insufficient. Therefore, discussions concerning other methods that can be applied are so crucial.

As it is always the case with safety-related discussions, the question concerning the role of telecommunications operators arises. They certainly have a great impact on what is going on on the Web, but on the other hand, an argument is voiced frequently that it is not their role to decide about the quality of Internet content. They are only tasked with ensuring proper functioning of the Web from the technical point of view, without assessing its content.

This is definitely just the beginning of a discussion “whether and what operators should do on the Web to limit illegal content?”. As a matter of fact, certain decisions in that field have already been made in many countries. Operators in Italy, Great Britain, Germany and Scandinavian states have become involved in filtering the Web content. The question remains what illegal content should be filtered out? Child pornography only, or perhaps other types of content as well (e.g. those promoting totalitarian regimes or xenophobic behaviors)? And if so, will we be dealing with censorship? One may ask many questions of this type. We will be trying to answer them during the conference, or we will at least discuss the most important issues, hoping that the discussion will bring us closer to effective and efficient solutions improving the safety of the Internet’s youngest users.

30 September, Wednesday, 12.30 - 13.00

Plenary session: Technical aspects of online safety

The history of what we used to refer to as hacking may be divided into distinct phases. Such an approach is confirmed by the very meaning of the notion, which was originally used to describe actions related to an in-depth analysis of the way that computers, operating systems and applications work, and which is nowadays used to relate to crime-like, or at least harmful actions. The situation with hackers is similar – from “playing” on the network and breaking in to computers “for the sake of it”, the process has evolved into purely crime-oriented actions, often carried out on a large scale. As a consequence, we have been observing, over the past decade, a very dynamic development of hacking technologies and tools harnessed to make money in an illegal way. Most of those tools and technologies were used to inflict mass-scale attacks, which – in line with the principle of probability – even if hundreds of thousands of computers had to be attacked, bore the results the criminals had hoped for. All that means that practically all of us are threatened by Internet attacks. If a computer is not properly secured – sooner or later it will be attacked with success. Practice indicates that unfortunately this will take place rather sooner than later, and research shows that an attack may take place even a few minutes after connecting the computer to the Web. It is therefore important to become acquainted with the most popular methods used by Internet criminals, to learn the techniques and social techniques with the help of which they may illegally get in the possession of our computer’s contents or use it to attack other computers.

During the presentation a number of real and typical Web attacks and the results thereof will be shown. We will discuss characteristic attacks involving viruses, worms or Trojan horses. Such knowledge may be effectively harnessed to identify the attacks, and to avoid them by employing proper technical security measures and by displaying safe Internet behaviors.