Notes from HITCON Pacific 2016
Hacks in Taiwan Conference (HITCON) Pacific 2016 was held in Taipei city, Taiwan from the 27th of November to the 3rd of December this year. The concept of this event is about “The Fifth Domain: Cyber | Homeland Security”. This HITCON Pacific 2016 is more formal event than HITCON Community 2016 which we attended last summer..
More than 500 participants from around the world attended the event, which included technical trainings, security conference and capture the flag (CTF) competition. We met many high-skilled malware analysts, incident responders, security researchers and professionals at this event to discuss some of the most recent topics in the field of cybersecurity: Ransomware, ATM hacking, IoT security, machine leaning and targeted attacks. Based on our experience, this event is one of the brightest international security conferences in Asia-Pacific region. One of the organizers, Mr. Sung-ting Tsai, opened the conference with the following words: “HITCON is not only running community and technical topics, in HITCON Pacific we are also concerned about the strategic and operational issues. HITCON Pacific is providing an international platform to connect and collaborate with enterprises, governments, vendors and security experts, especially in Asia Pacific region.”
The conference has been recognized by the local government. One of the most honorable keynote speakers of this event was the president of Taiwan, Tsai Ing-wen (蔡英文). To our knowledge it’s the first time ever, a president of a country or region comes to do the opening speech at information security conference. Such special attention of the president reflects Taiwanese government concerns about improving cybersecurity in Taiwan and the whole Asia Pacific region. She said during her keynote speech: “The spirit of hacking culture is in stepping out of tradition and fighting against the present situation. Governmental organizations need such spirit to cultivate innovation”.
Two speakers from Global Research and Analysis Team (GReAT) of Kaspersky Lab also presented on the same stage: Vitaly Kamluk and Suguru Ishimaru (that’s me).
Vitaly talked about Yara techniques with some of the most remarkable stories, including finding 0-day exploits in Microsoft Silverlight. Surprisingly for the organizers and the audience Vitaly presented with 0 slides during his 40 minutes talk. All the contents he showed was Yara tool output in a terminal session, which looked like live demo but with nice ASCII art and dynamic transition effects. His presentation style was very innovative and widely discussed after his speech.
I attended Hitcon Community conference earlier this year and liked the conference so much that I decided to come again as a speaker. Needless to say it was challenging for me, because I have never presented on such large stage outside of Japan before. Also, I had to present in English, which is not my native language and isn’t my strongest skill.
I talked about malware discovered in targeted attacks which focused on Taiwan and Japan. My talk was titled “Why corrupted samples in recent APTs?”. The talk covered some of the new techniques that were used to prevent automated malware analysis, resulting in erroneous marking of the samples as corrupted. I showed a live demo of such samples, which would cause system exception on any system except the system of the victim.
We had a chance to attend many other rgreat talks by security researchers. Some of the talks we liked included: Ryan Olson from Palo Alto Networks, who talked about “Target Identification through Decoy File Analysis”, Takahiro Haruyama from Symantec who made a presentation about “Winnti Polymorphism”, Kyoung-Ju Kwak from Financial Security Institute, with his talk “Fly me to the BLACKMOON”, and Philippe Lin and Ricky Chou from Trendmicro, who talked about “Experience of Microsoft Malware Classification Challenge”. You can download the slides and agenda from official website of HITCON Pacific 2016.
In conclusion, HITCON Pacific 2016 was fantastic event and I definitely recommend it to all the people who would like to explore cybersecurity arena in Asia Pacific. The organizers kindly offered free simultaneous translation from/to Chinese which built a unique bridge between rather closed Chinese speaking security community and the rest of the world. For me personally this time was a very meditative thing: my first challenge of presenting at international conference in English, an honor of meeting the president and delivering a talk on the same stage.