‘Treat it like China’: How U.S. officials stay safe, and have fun, at the world’s biggest hacking conference

/in


When you spend three days with 30,000 people who love cracking code, you’re always just one errant click away from sheep-dom. In fact, fending off the maze of Wi-Fi sniffers, hardware hackers and social engineers at DEF CON is a little like going toe-to-toe with elite, state-backed cyber spies, according to one senior State Department official.

“Almost treat it like going to China,” said the official, granted anonymity to offer frank and colorful advice to a DEF CON first-timer. “Really treat it like going to a technologically sophisticated peer competitor.”

At this year’s conference, which wraps up Sunday, the Wall of Sheep was located in a dimly lit auditorium off the main conference floor. It included, for the first time ever, a live feed with the location of individuals who were leaking data. As of Friday afternoon, there were at least 2,000 sheep at DEF CON, per the floor-to-ceiling projection. Their personal information was, mercifully, partly blacked out for privacy reasons.

Since the first-ever convention in 1993, DEF CON has brought some of the world’s most talented computer security wizards into the Las Vegas desert to scour software, hardware and networking equipment in search of vulnerabilities.

Operating under the principle that the best way to secure computer code is to expose it, attendees have demonstrated some truly jaw-dropping research over the last three decades. They’ve taken over the controls of cars, tricked ATMs to spew out cash and sent insulin pumps into overdrive, to name a few memorable hacks.

Feats like that have turned the convention into an increasingly common pit stop for top U.S. government officials, dozens of whom are in attendance this year. DHS Secretary Alejandro Mayorkas, CISA Director Jen Easterly and Acting National Cyber Director Kemba Walden are all in Las Vegas for DEF CON and Black Hat, its more corporate-friendly counterpart.

But the convention didn’t earn its reputation as “the world’s most hostile network” just because of what happens on the main stage.

“There is a criminal ecosystem out there,” said Marc Rogers, the conference’s head of security. “You probably don’t want to access your…

Source…