LAS VEGAS – Blackhat or DEFCON? It’s always a tough choice. Too many days in Vegas makes me nuts, so I tend to stay for all of Blackhat but only Friday for DEFCON (then fly home Saturday).
Maybe next year I’ll just do one day of Blackhat and stay through DEFCON, because some of the most interesting things actually happen at DEFCON – a more anarchistic and far less expensive version of Blackhat.
For example, John McAfee was a surprise headliner at the Rio Hotel ballroom to a standing-room-only crowd.
Wish I hadn't missed that.
What I did glean from my DEFCON visit on Friday was that, for all the work vendors are doing to monitor for new threats and vulnerabilities (see previous blog), hackers are one to three steps ahead. And if the good guy hackers at DEFCON (who explore technical weaknesses and report on them) are doing this, you can bet that the bad criminal crackers are also testing the same things.
The talent at DEFCON was teaching how to embed and hide from new monitoring technologies and analytics/intelligence reporting tools represented at Blackhat. They also demonstrated how to detect “Things,” hack PoS devices, embed deeper into Windows systems, hide in cookies and more.
This can be seen as a negative, but I see it all as a positive: the more we know about hiding and exploit techniques, the more intelligence we can put into our systems to detect them.
It’s especially promising when you hear how much mentoring goes on at DEFCON. This year, about 150 young people were having fun learning ethical means of hacking and testing systems. The halls and rooms were filled with new faces, while those with the graying hairs were herding and leading them along.
Despite all the bad guy crackers out there, the good guy hackers are growing and maturing into a true cyber force to be reckoned with. That should comfort the old-timers who someday will be handing the full mantle and responsibility for cyber security testing (and mentoring) to the next generation of cyber warriors.