CyberDay.lu: cybersecurity, constant vigilance required


On 6 October 2020, the 3rd edition of CyberDay.lu, the cybersecurity event for research and education in Luxembourg, was held in Esch-Belval, where many recommendations were shared.

Organised since 2018 by the Restena Foundation and the University of Luxembourg, CyberDay.lu had to exceptionally reinvent itself in 2020 in order to meet protocols and health restrictions imposed by the COVID-19 pandemic that Luxembourg, as other countries in the world, is facing. Only around twenty participants could physically attend the event traditionally organised in Esch-Belval in the premises of the University of Luxembourg: BTS Cloud Computing students and BTS Telecommunication Networks students from the Lycée Guillaume Kroll in Esch-sur-Alzette. In parallel, nearly 80 people, mainly from the academic world, the private sector and the national education system, gathered behind their screens.

The importance of protection and vigilance

At CyberDay.lu 2020, cybersecurity specialists from BEE SECURE, GOVCERT.LU and SECURITYMADEIN.LU have succeeded one another, joined on stage this year by those from POST Luxembourg, Telindus and the European Commission. In turn, they shared their knowledge, experience and, above all, their recommendations on a wide range of topics:

  • Having strong passwords, updating software and firmware, segmenting and filtering networks or checking contracts, general terms and conditions for privacy issues and using only things that we really need are of crucial importance in regard to physical objects connected to the Internet and transmitting data online, i.e. the Internet of Things (IoT).
  • In terms of telecommunications security and in particular phreaking, a type of hacking specific to telecommunications environments, it is recommended to never call back suspicious 'One ring' numbers (which are cut off after the first ring), to keep Personal Identifying Information (PII) secret as much as possible, to use only legitimate stores (such as App shops, Google Play) and to contact the operator in case of abnormal service loss.
  • To guard against cyber attacks, it is also recommended not to open dangerous files, to use strong authentication, to download apps only from an official store, to verify links, and to have but not to rely on antivirus.

Alongside these recommendations, the suitability of the Apache Kafka tool to deal with growing threats has been demonstrated. Available on GIThub, the tool allows GOVCERT.LU to have horizontally scalable, highly available and high-performant log structure to store and manage the data collected to hunt threats. The results of the ‘Telindus CyberSecurity Report 2019’ study highlighting how Luxembourg companies manage security incidents were also presented. An exercise in computer forensics which brought to light some curiosities was proposed to the participants. The related teaching material is available on the website of the Computer Incident Response Center Luxembourg (CIRCL) of SECURITYMADEIN.LU to replay the experience. Finally, to close the event, the European priorities in terms of cybersecurity were discussed.

A week dedicated to cybersecurity in Luxembourg

CyberDay.lu 2020 was organised for the third consecutive year as part of the European CyberSecurity Month (ECSM). This annual awareness-raising campaign, organised by the European Cybersecurity Agency (ENISA), the European Commission and the Member States, is supported in Luxembourg by the Ministry of Economy in the framework of the Cybersecurity Week Luxembourg

Around thirty national and international companies, professional associations and public institutions will take part in this week, which will run from 19 to 29 October 2020. The full programme of events can be found on www.cybersecurityweek.lu.

Relive the event by watching the CyberDay.lu streaming video and the photo gallery or by accessing the presentations on the event website: cyberday.lu