There are world conferences, and there are world conferences. And then, there is Def Con! Forty thousand attendees gathered in Las Vegas this month at Def Con, an annual conference dedicated to hacking and cybersecurity. Â
The people who come to Def Con from all over the world are computer scientists, IT professionals, journalists, students, spies, cyber security experts, law enforcement, military agencies and hackers of all stripes, including black hat hackers (criminals) and white hat hackers (cyber heroes). It’s a jolly, colorful group. A lot of t-shirts and cargo shorts, wearable LED lights, tinfoil hats and badges to buy and trade that double as video games.
People go to Def Con to learn about the latest security failures and successes. Subjects covered are wide and varied. Among topics covered in talks this year were security for the IOT (Internet of Things), social engineering, food supply chain threats and satellite hacking. Ukraine’s deputy chairman of the State Service of Special Communication and Information Protection, Victor Zhora, spoke about cyber security in war.
Def Con is organized into a variety of “villages” that focus on different cybersecurity topics, such as aerospace, cloud security and critical infrastructure security. Within these topics or villages, there is serious training in cyber security for attendees.
History of Def Con
Def Con was started in 1993 by then 18-year-old Jeff Moss. The name, Def Con, comes from the movie, War Games. This refers to the Army’s Defense Readiness Condition, which are states of readiness under threat of attack.
Def Con was, originally, an underground kind of conference of maybe 100 attendees that has grown into the world’s largest hacking conference.
John Sakellariadis and Joseph Gedeon, writing for Politico, state, “Operating under the principle that the best way to secure computer code is to expose it, attendees have demonstrated some truly jaw-dropping research over the last three decades. They’ve taken over the controls of cars, tricked ATMs to spew out cash and sent insulin pumps into overdrive, to name a few memorable hacks.”
A conference with 30,000-40,000 hackers is the perfect place to test the vulnerabilities of a program. It’s a peer review experience! The conference sets up “red teaming” contests that unleash hackers on various programs to see if they can be broken.
Red teaming occurs when ethical hackers are authorized by an organization to emulate real attackers’ tactics, techniques and procedures (TTPs) against their own systems. It is a security risk assessment service that an organization can use to proactively identify and remediate IT security gaps and weaknesses. Red teamers don’t cause actual damage. Instead, they expose cracks in an organization’s security measures using all the hacking tricks they know.
Def Con organizers set up contests to crack candidate programs, motivating hackers with serious prize money. This year, they set up the mother of all contests…..Def Con vs. Artificial Intelligence (AI)
The Def Con-AI Challenge
