© 2020 Texas Public Radio

Black Hat and Defcon Mean A Big Week For Cybersecurity


Saturday, Black Hat USA opened in Las Vegas and will end on the same day Defcon begins, making this week very important for cybersecurity professionals. The deluge of hacker happenings, from networking and groundbreaking research to new products and new hacks, makes it a must for San Antonio security firms.

Larry Hurtado, CEO of Digital Defense Incorporated, estimates that 15-20 local firms will be present, saying the week could represent a lot of business.

"There are definitely deals that are going to be won in and around Black Hat," says Hurtado. 

Digital Defense is a sponsor of the event and Hurtado says he and other staff will be there reconnecting with the community as well as talking about their products.

John Dickson with Denim Group says the multiple conferences, private meetings and happy hours make the week a blur.

"But it is also quite an efficiency play. Instead of flying all over the planet to meet with folks, they all come to one place for one week." 

Nation-state cybersecurity attacks and popular ransomware attacks like the recent New Petya attack will be big topics of conversation at the conferences.

Hundreds of vulnerabilities will be presented in devices and software, such as the popular operating system Windows 10. Dickson estimates there were 500 presentations last year between the two conferences, and far fewer than half applied to him or his business.

When a vulnerability affects a tool they use, Dickson says, that could mean lots of additional work, but he is often surprised by his colleagues' discoveries and methods.

"That's why it's exciting because you kind of know, but you don't fully know till you get there. And there's that hubbub and there's the human interactions between people in industry [asking] 'What are you seeing? What are you seeing?' and, you know, that's the part that's the fun part that doesn't get old."

Black Hat and Defcon have both been around for a long time. Black Hat turns 20 this year and Defcon holds its 25th conference. Both have grown from a few hundred to tens of thousands of participants, but the conferences have evolved in different ways. 

Black Hat is the more corporate of the two, where business leaders go to make the big deals, and more mainstream security research is done. The program is sponsored by hundreds of companies -- like Cisco, IBM, and Raytheon.

Credit Wikicommons
The Wall of Sheep at Defcon 22 shows stolen login credentials from conference goers who didn't observe proper cybersecurity protocols

Defcon is known for its irreverence.

"I don't take a computer. I don't use any ATMs while I am there. I turn my phone's WiFi off," says Jungle Disk CEO Bret Piatt, explaining that pranks are the norm at Defcon.

Skimmers have been installed on the ATMs to steal credit card numbers. Fake public WiFi hotspots have been posted, and other methods have been employed to steal Defcon goers' private login credentials and publicly embarrass them by showing those credentials on a wall.

Both conferences will be monitored closely for new vulnerabilities, though.

"We'll absolutely be paying attention," says Piatt. Despite his team not traveling to the conferences this year, they will be watching Twitter for potential announcements impacting their work.

"If a new category of attack comes out against something that we're doing in our infrastructure to secure our customers today, we have to be sure we are staying on top of that," he says.