Generally, our regular APNIC Training tutorials are composed of our existing courses, with formal presentation slides and a number of different tools, for example, a projector, white board and flip chart, etc.
However, I had quite a unique experience at the recent PacINET 2014 Conference in Rarotonga, Cook Islands. Participants at the Internet Security session were more interested in having an informal discussion of the topic and asked a lot of questions in relation to that. While the participants were not our typical network operator or engineer-type attendees, it highlighted to me that Internet end users, while still interested in Internet cyber security incidents, were more interested in understanding the type of incidents they could be exposed to and how they could protect themselves, rather than an in-depth session of recent cyber-security incidents such as the stolen passwords in the LinkedIn case.
The attendees shared some of their own cyber-security experiences, including one who through the guidance of a friendly computer expert, identified malware secretly hiding in her computer, which enabled illegal access to her bank account. The malware captured everything she typed into her computer, and emailed the text to the author of the malware, who was then able to use her banking username and password to hack into her account. During the discussion, we realized that she probably unknowingly downloaded some malware from an untrusted website. We then talked about steps to mitigate these incidents and reiterated how important it is to only download content from trusted sites.
So, while this was not a typical tutorial session, it still proved to be extremely useful to our attendees as we were able to share common issues and the steps required to remedy them. I was very pleased to have been able to be a part of the discussion and hope the information I conveyed was valuable to the attendees.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.