August 1, 2013
The Black Hat Security Conference is divided into two sections: trainings and briefings. The trainings began on Saturday and continued through Tuesday. As I mentioned, a co-worker and I attended some very interesting training around building active defenses.
Today, however, the briefings began. This is a multi-track format wherein security researchers, hackers, crackers, and other generally smart people present what the good folks at Black Hat deem to be important revelations pertaining to information security. The day began with a keynote address by General Keith Alexander, Commander of the U.S. Cyber Command (USCYBERCOM) and Director of the National Security Agency/Central Security Service (NSA/CSS), or ‘DIRNSA’ as some of us know him. Briefings followed immediately afterwards and continue until 6 PM.
Besides visiting the Sponsor Hall, or as I like to call it, ‘Swag Central’, I attended four briefings today. Two of them got me thinking about not underestimating your opponent. The first was by Allison Nixon, who is a security researcher/penetration tester for Integralis. In Allison’s presentation, she discussed the use of Distributed Denial of Service (DDoS) protection services and how so many of them are trivial to avoid. Scary stuff indeed! The second briefing was presented by Matthew Cole, who is a journalist/producer at ABC News. Mr. Cole discussed the use of metadata from cell phones that foreign intelligence services used to track illegal spy networks in Europe.
Both of these briefings examined how victims become ‘exploitable’ because they do not consider the expertise of their ‘enemy’ to be meaningful or dangerous. The clear message from today is ‘don’t underestimate your enemy.’ I believe that the secondary message is to ‘keep good friends and to listen to them.’ By that, I mean people and organizations don’t have to ‘go it alone.’ There are people who want to help you with your security. Find people that you trust and help them, and then let them help you as well. A good team is much harder to defeat when there are multiple resources engaged.
Security Architect, Echopass