What are DefCon and Black Hat? Why Do They Matter to You?

Posted by Rob Schnetzer on Mon, Sep, 02, 2019 @ 13:09 PM

You may have noticed a significant increase in the number of bug reports and network exploits last month. Interestingly, this spike is in part a result of the season: August is when two of the largest hacker conventions are held each year.

DefCon (not to be confused with the NORAD U.S. defense alert status developed in 1959) is actually the world’s largest and longest-running hacking conference. Its name originated from the 1983 movie WarGames, starring Matthew Broderick and Ally Sheedy and directed by John Badham. DefCon was established by Jeff Moss (also known as Dark Tangent) in 1993 and was nearly accidental in its formation, as it was originally meant to be a going-away party for a systems operator who was moving. When the systems operator up and left prematurely, Moss decided to invite everyone in his network anyway. The gathering was such a success that it became a conference where anyone involved in computer security, or even someone with a general interest in computers, could convene to learn industry best practices in preventing or promoting hacking in any of its forms.

Over the years, DefCon has become known for its events, challenges, competitions and badges. The badges are more often than not printed circuit boards with LED accents, and the design changes yearly. Some of the most coveted badges are top-tier keepsakes earned by winning challenges. DefCon tends to be very informal and is usually geared around non-corporate entities, with a party atmosphere.

Black Hat, on the other hand, is quite the opposite. Started in 1997, also by Jeff Moss, this hacking conference immediately precedes DefCon and has a very corporate atmosphere. It is usually more of a place to sit through lectures and trainings and to network with other security-minded individuals. You can expect to see vendor displays and briefings, with many freebies exchanged for contact information to facilitate sales between businesses. The lectures from both events are posted on YouTube, and most of them are very informative, entertaining and worth a few minutes of your time.

So why exactly do you need to pay attention to either of these two conferences? Simply put, when you have a gathering of hackers this large, there is always an effort to show off and show up their peers. In the past few years, several cybersecurity issues have been uncovered that may have affected your personal or business technology.

For instance, in 2018, after the voting fraud that occurred during the previous elections, DefCon made news when a 10-year-old was able to successfully hack and change results on a replica Florida state website in under 10 minutes. If that’s not enough to pique your interest, this year over 35 bugs were found in office printers that offer back doors to your network. Also disclosed was a vulnerability in Canon DSLR firmware that ransomware can use to hold the photos on your SD card hostage while the card is still in your camera.

With hackers providing us countless examples of security gaps, this is a very good time of year to do a “tech gut check” and figure out where the vulnerabilities are in your personal and office networks. Here’s a link to Threatpost.com, which has compiled all of the interesting news out of this year’s DefCon that might apply to you. Browse through it and, by all means, take note of the issues that have come up this year: forewarned is forearmed!
