Computer hackers and defenders mix in Las Vegas

AFP FILE PHOTO

SAN FRANCISCO – Rival factions from the Internet security world will mix warily this week at a pair of Las Vegas conferences gathering computer security experts and software savants who make sport of hacking them.

More than 6,500 high-level security experts will attend the Black Hat conference already under way, with many apt to swap surnames for code-names and stay for the infamous Def Con gathering of hackers that starts on Thursday.

Black Hat plays out in posh ballrooms at Caesar’s Palace on the Las Vegas strip with big-name sponsors including Microsoft, Qualys, Looking Glass, Cisco, IBM, Hewlett Packard, and Amazon.com.

Def Con unfolds in the Rio hotel and casino on the opposite side of the Las Vegas Freeway, with attendees plunking down $200 each in cash to hear how to crack anything from smartphones and power grids to door locks.

While Black Hat has invitation-only evening soirees at hot clubs, Def Con draws crowds to its annual Toxic BBQ in a local park, “Hacker Jeopardy” team drinking games, and all-night hacker duels.

As different as the Black Hat and Def Con scenes may seem, the realms have been converging with the shift of threats from brilliant kids showing off online to cyber attacks by nation states, industrial spies, and criminal gangs.

The founder of both Def Con and Black Hat, Jeff Moss, is now chief of security at US-based Internet Corporation for Assigned Names and Numbers, the agency in charge of website addresses.

Security firms started by longtime Def Con hackers or which have hired them for key positions have become key players at Black Hat.

A “Spot the Fed” game that began in early Def Con days as a way to ferret out undercover cops has evolved into a playful way to break the ice between hackers and police who attend to sharpen crime fighting skills and recruit talent.

Def Con on Saturday revealed that this year’s “top-secret VIP speaker” will be US National Security Agency (NSA) director General Keith Alexander, who will give a presentation titled “Shared Values, Shared Responsibility.”

“Dark Tangent has been working to get a speaker this high-profile from the NSA for quite a long time, and we’re excited that he’s coming to our 20th anniversary shindig,” Def Con said at its website, referring to Moss by his hacker name.

Press covering Def Con were sent safety tips that include shunning bank teller machines near the conference because of potential hacking and shutting off wireless connection features on all gadgets to thwart cyber attacks.

“You are entering one of the most hostile environments in the world,” Def Con organizers warned. “Prepare to hack and be hacked.”

After leaving Las Vegas, change all online passwords just to be safe, Def Con organizers added.

While the potential to hack into power plants, mass transit systems and other high-profile targets grab headlines during the back-to-back gatherings, ramped up attacks on smartphones will be among hot topics for attendees.

“The biggest trend of the moment revolves around mobile devices,” said Qualys director of engineering Ivan Ristic, who will give a Black Hat presentation on tightening security at websites.

“Every single year we see a greater diversity of mobile devices used in every layer of our society,” he continued.

“There is an increasingly hostile environment and yet an increase in the exchange of information.”

Smartphones and tablet computers have become popular devices for online shopping, banking and other exchanges involving potentially valuable personal information.

Black Hat briefings at which findings are presented will begin on Wednesday.

“I’ve been attending Black Hat for years; the most popular talks are those demonstrating how to break things,” Ristic told AFP.

Read more...