Black Hat Roundup: Keeping Tabs on the Ones That Got Away
July 31, 2012
- With the annual Black Hat event in Las Vegas, the global Internet community celebrates its felons.
- Like physical combat, Internet security requires a good understanding of enemy black hat strategies.
Last week saw Las Vegas hosting the 15th annual Black Hat event. From its inception in 1997, Black Hat has grown from a single annual conference in Las Vegas (still the main event with the highest stakes) to a global conference series with annual events in Abu Dhabi, Barcelona, Las Vegas and Washington, DC. From its nefarious roots, it spouts uncomfortable truths about the insecurities we face every day as global net workers. It’s difficult to find any other industry where crime and passion are so closely aligned and where ‘respect’ and ‘respectable’ are terms so far apart. Cyber-warfare for profit and power lacks any basic ‘Geneva Convention’ that could specify global rules of conduct and the means to prosecute felons.
The most prestigious prize at the 2012 Vegas Black Hat event, the Epic Ownage award, which goes to the hackers responsible for delivering the most damaging, widely publicized, or hilarious ‘ownage,’ went to the creators of Flame, an advanced persistent threat (APT) virus that masquerades as a Windows Update file and is thus able to install any software on any Windows device. Needless to say, no one came forward to pick up the award.
The event reminds us of the origins and evolution of the Internet – not as a product of international telco standards bodies, but emerging from the uneasy junction of anarchistic academia and military ruthlessness. Today, global business operations face significant elements of cyber warfare every day.
So, when CIOs and their IT departments address the daily barrage of user demands for more flexibility, as well as their executives’ demands for higher performance, lower cost and greater security, they must tread a fine line in their ever-increasing dependency on the Internet and the error-prone code on which it is based. With the emergence of cloud computing, the notion of boundaries between enterprise networks and the open range of the Internet evaporates. With critical applications online, security becomes a question of defense in depth as well as constant monitoring of activities and trends in the black hat community. Is this part of your security routine? Do people from your security group attend events such as this to keep tabs on the bad guys?