Hacker Halted 2020 – Day 4

The penultimate day of Hacker Halted gave us some more serious discussions focusing on some of the darker activities bad actors can involve themselves with online and in real life.

Chris Kubecka gave us details of her dealing with Boeing and how an attempt to highlight security concerns with software in planes was met with legal force instead of any sort of willingness to learn and prevent deaths. Very reminiscent of the scene in fight club where they discuss the formula used by car manufactures to decide whether they will either pay the fines or issue a recall of a vehicle for safety purposes.

Winn Schwartau presents his take on why the issues facing organisations in the cyber space will not be solved by newer/better technology because behind all the fancy new features they are still run by humans who have three major bugs : Ignorance, Apathy and Arrogance. Winn was in the industry way before most of the readers here and made a point which I have not heard before, that back before around 1984 there were plenty of women in the tech industry. Something happened around that time which seems to have driven out female participation in tech and for whatever reason has only started to be reversed recently.

Katelyn Bowden gives us some much needed education on the current state of revenge porn and keeps on fighting to help dispel myths held by people who have only heard the term in passing or read a single article about it in the paper. The pandemic seems to have led to a rise in non-consensual porn being used to exploit people by criminals looking to make money online now that some other offline sources have become unavailable for them. What used to be a way for ex-partners to feel like they are getting their own back is a fully fledged industry where the person distributing the photos has no relationship with the victim.

To show that cyber crime effects every industry we heard from Mauro Eldritch who shares a story of how he was approached subtly by criminals to help automate and digitize their coyote operations to help them smuggle more people across international borders by providing a fake facade that the person was being persecuted by their government so that they could claim special refuge status to move to another country. the second half of the story shows a very real step by step use of OSINT to help investigate the higher ups in this gang.

The day was closed by Charles Henderson with a look at what has changed for security teams now that so many people are working from home compared to the start of the year. 52% of staff in one survey claim to be using their own private equipent to carry out corporate work. With this much new hardware with varying levels of security tools installed it’s very likely impossible to find a technological solution which would work for everyone.

Advertisement

Hacker Halted 2020

Due to Covid-19 the EC-Council have decided to make this years Hacker Halted conference an online affair and lowered the cost of basic entry to 0. The event is in it’s 14th year and looking through past events it looks to be a classic collection of guest speakers covering a wide array of cyber security topics. From the technical sides of offensive and defensive cyber security to the “softer” topics of hacking people and getting more people interested in careers in cyber.

EC-Council make their money by selling training certs so this event is likely going to be heavily aimed at getting people interested enough in Cyber to buy one of their courses but as long as the talks deliver some interesting knowledge before trying to sell anything I don’t see a problem with it.

If anyone wants to register you still have a few days to visit their site :https://www.hackerhalted.com/registration/

Once registered you should receive an e-mail with instructions on how to download the Hacker Halted app which currently has details of confirmed speakers and various games which will start once the event goes live (Although currently the games seem to simply involve watching and reading all the content from the conference) Including an interesting version of Jeopardy which appears to award points for getting drunk while playing.

The Agenda looks fairly busy with enough talks to keep most people busy if they are also working full time jobs and trying to view this in between meetings or after work. A lot of the scheduled slots are replays of previous talks so if you needed to stream something live you may be able fit it into your life. Or if you want to watch everything as it is released you should be very comfortably able to get through everything with the length of breaks in between each event.