Thales Blog

Defcon > Black Hat: Our Take On Summer’s Biggest Cyber Conferences

August 11, 2016

black hat and defconFrom Matt Jochim and Paul Cleary.

Last week, we attended both Black Hat and the Defcon Hacking Conference. If that sounds like a lot of the same…well, it’s not. Black Hat is becoming more like RSAC every year, in that it’s focused more on corporate sponsorship and mainstream security topics and less on hacking. When it comes to hacking, though – unless the tides dramatically turn, it seems like we’ll always have Defcon.

Defcon is a veritable carnival for IT security experts. There are many fun (and scary) attractions, and it’s up to the visitor to figure out what to explore next. These are seriously tech-savvy attendees that are out to hack your person in any way, shape, or form. There’s a good reason Defcon attendees are strongly encouraged to leave their laptops and phones at home.

Click to Tweet: Our take on Defcon & Black Hat from @paulternate

Although this may all sound quite malicious, it’s not. While there are inevitably some genuine bad apples among the bunch, most folks attend Defcon to learn and improve their employer’s overall security posture. Trust us; we stood in on presentations that were 400-500 people deep as we sought to soak our brains with knowledge.

Speaking of presentations, we thought it would be fun to expand on a couple sessions we found interesting:

Direct Memory Attack the Kernel:

In this cool direct memory hack presentation, hackers were able to dive into operating systems and then grab memory dumps from the system. Once they had kernel access, they were able to open up a direct line of access, even going so far as providing themselves a remote shell. This was particularly interesting, because it demonstrated how physical theft is one of the easiest ways to get access to anything. In this case, the hacker simply went around with a PCI express card, plugged it into a laptop, and was able to access what he wanted.

How to Overthrow a Government:

Yup, the title stood out to us, too. In this presentation, Kustodian CEO Chris Rock expanded on how hackers could stage a coup. As part of his research, he worked with former mercenary Simon Mann and leveraged his own former experience hacking for the Kuwaiti government. According to Rock, there are three ways to stage a coup 1) plan a revolution 2) rig elections 3) hack. In many countries around the world, option three is the most viable.

“Hacking to coup” entails gaining control of government data sources, major media conglomerates and of course, spying on government officials. If you’re thinking this type of hacking must be complex, think again. One of Rock’s main points is that hackers should stick to proven methods that drive results.

What was the motivation behind Rock’s presentation, you ask? Well, apparently he’s pretty disconcerted that most government officials are more concerned about ISIS than they are about the havoc hackers can wreak. After this talk, we’re wondering if that’s still the case.

Back to Reality

While we don’t discount that hackers *could* overthrow a government, we also realize it’s not a day-to-day concern for most companies out there. So, let’s step away from the shiny objects and talk about the main message we took away from Defcon: hackers are going to get in.

Yes, they are. There’s no doubt about it. Which brings us to our next question, one that’s relevant for readers: How are we going to protect that data once they do get in?

Sensitive data is everywhere, after all – in the cloud, on IoT devices, on big data platforms. As our CEO Alan Kessler put it, “We live in a world of malware, ransomware, spear phishing, insider threats, nation-state attacks, APTs, SQL injections and social engineering.”

This is where companies like Vormetric come in. While we, like every single security vendor out there, are not able to prevent 100% of hacks 100% of the time, our toolbox of encryption solutions makes it much more challenging for hackers to actually do something productive with hacked data.

It’s a scary cyber world out there. Defcon made us even more scared. But, shaking in our boots isn’t really an option; rather, we have to continue doing the best with what we have, innovating to make it even better, and staying smart. Vormetric (and both of us) are up for the challenge.