SANSFIRE 2024: Keynote - 25 Years of the Internet Storm Center: Time traveling through sensor data
Some of you may remember Y2K. But did you know that it sparked what is now the Internet Storm Center? Travel along and follow me through time to see how attacks, actors, and victims have changed over a quarter of a century. Did you know that GIAC wasn’t a certification at all back in the day? Have you heard of “Leaves," “Code Red,” and “Nimda?" We will look at data showing how the survival time of a system connected to the internet has changed. How did Windows XP SP2 drastically change the attack landscape, and how did our sensor configurations change over the years in response? But this isn't just "story time." This is about lessons learned and projecting the future: How will you be able to survive the next wave? What would I tell "young Johannes" if I could actually go back in time? Find out the answers to all of these questions and be entertained by, yes, some stories (I will leave it up to you to decide if they are good or bad stories).
