The penultimate day of Hacker Halted gave us some more serious discussions focusing on some of the darker activities bad actors can involve themselves with online and in real life.
Chris Kubecka gave us details of her dealing with Boeing and how an attempt to highlight security concerns with software in planes was met with legal force instead of any sort of willingness to learn and prevent deaths. Very reminiscent of the scene in fight club where they discuss the formula used by car manufactures to decide whether they will either pay the fines or issue a recall of a vehicle for safety purposes.
Winn Schwartau presents his take on why the issues facing organisations in the cyber space will not be solved by newer/better technology because behind all the fancy new features they are still run by humans who have three major bugs : Ignorance, Apathy and Arrogance. Winn was in the industry way before most of the readers here and made a point which I have not heard before, that back before around 1984 there were plenty of women in the tech industry. Something happened around that time which seems to have driven out female participation in tech and for whatever reason has only started to be reversed recently.
Katelyn Bowden gives us some much needed education on the current state of revenge porn and keeps on fighting to help dispel myths held by people who have only heard the term in passing or read a single article about it in the paper. The pandemic seems to have led to a rise in non-consensual porn being used to exploit people by criminals looking to make money online now that some other offline sources have become unavailable for them. What used to be a way for ex-partners to feel like they are getting their own back is a fully fledged industry where the person distributing the photos has no relationship with the victim.
To show that cyber crime effects every industry we heard from Mauro Eldritch who shares a story of how he was approached subtly by criminals to help automate and digitize their coyote operations to help them smuggle more people across international borders by providing a fake facade that the person was being persecuted by their government so that they could claim special refuge status to move to another country. the second half of the story shows a very real step by step use of OSINT to help investigate the higher ups in this gang.
The day was closed by Charles Henderson with a look at what has changed for security teams now that so many people are working from home compared to the start of the year. 52% of staff in one survey claim to be using their own private equipent to carry out corporate work. With this much new hardware with varying levels of security tools installed it’s very likely impossible to find a technological solution which would work for everyone.
Urban Security Research 