dark reading threat intel and cybersecurity news

DEF CON — Las Vegas — Halls stuffed with hackers lined up for hours for their chance to hone their skills on the latest tech, helped along by a volunteer army of so-called “goons” — it was a hopeful place to be last weekend during DEF CON 30.

Everyone wore masks so even the immunocompromised could participate. There was a trend toward focusing on using hacker powers to protect the population from utility breaches, smart car accidents, misinformation, and more. Giving the entire conference its reputational edge were rooms buzzing with information and the kind of immediacy and potency that made it feel almost subversive — punk rock, even.

Here are just a few of the highlights Dark Reading happened to find among the organized chaos that was DEF CON 30.

1. Merch Madness

The longest lines, by many hours, were those to get the latest DEF CON-branded merchandise. While some used the time to refuel with snacks, others put a little more thought into the break in the action. Take Brad Lindsley, who made his own “Linecon Bag” with a mounted gaming screen and controllers for four players.

“I was waiting in line for hours at another DEF CON and I was thinking about what I would want to do in line,” he told Dark Reading.

brad_lindsley_line_con_bag.jpg
Brad Lindsley shows off his Linecon bag. (Photo by Becky Bracken for Dark Reading)

2. IoT Village

DEF CON 30 hackers also had the option to ply their skills on dozens of Internet of Things (IoT) devices, including the Emergency Broadcast System and a Globecomm satellite system, thanks to the work of TIVO Trevor and the rest of the team, who spent the last 90 days building the IoT common control framework (CCF).

Trevor said that this year the IoT Village made the decision to shift its emphasis because of the shifting threat landscape that now focuses on infrastructure and other IoT devices.

“We’ve moved away from SOHO (small offices/home offices) to IoT this year,” he told Dark Reading.

TIVO_trevor_at_IoT_village.jpg
TIVO Trevor at the DEF CON 30 IoT Village. (Photo by Becky Bracken for Dark Reading)

3. Sink This Battleship

There were too many contests going on during DEF CON 30 to count. One big one was a version of Capture the Flag called “Can You Sink the Ship?” put on by Fathom5, which challenged teams of hackers to bring down their ship training module. The kickoff was preceded by more than a few rules laid out by Fathom5 CTO David Burke, who included an instruction not to tinker with the hoses underneath: “Please don’t spray hydraulic fluid everywhere around the room.”

can_you_sick_the_ship.jpg
Burke explains the ground rules of the contest. (Photo by Becky Bracken for Dark Reading)

4. Other Challenges Accepted

Other, less elaborate contests included a collection of Capture the Flag versions, Red Team challenges, and even a DEF CON Scavenger Hunt.

contest_village_leaderboard.jpg
One of the many contest leaderboards projected around the DEF CON Contest Village. (Photo by Becky Bracken for Dark Reading)

5. The Voting Village

Noted voting-machine researcher Harri Hursti, representing the Election Integrity Foundation, brought in a collection of voting machines currently in use across the US for hackers and conspiracy theorists alike to try out and challenge their security.

Dark Reading ran into a group of hackers giving one of the US voting machines a careful look. Asked if they thought they might be able to crack into it, one of the group responded, “I don’t know if we can, but it’s fun thing to play with.”

voting_machine_hackers.jpg
Voting machine hackers, from L to R: Wkampbel, Segzf4ult, Cole Knight, James, Semifour. (Photo by Becky Bracken for Dark Reading)

6. The Signage

Even the signage spread out around DEF CON 30 was flair-forward, with an array of clever quips, dazzling digital renderings, and just straight-up art. Here is just the tiniest taste of what was on display.

chill_out_room.jpg
The Chill Out Room at DEF CON had an elaborate stage for DJs and performances. (Photo by Becky Bracken for Dark Reading)
wash_your_inputs.jpg
Signage at the lock-picking area at DEF CON. (Photo by Becky Bracken for Dark Reading)
wall_projection.jpg
Wall projection over main DEF CON 30 entrance. (Photo by Becky Bracken for Dark Reading)

7. Brain Hacking & Misinformation

An entire village at this year’s DEF CON was dedicated to misinformation. With phishing and social engineering still driving so many successful cyberattacks, Dr. Matthew Canham of Beyond Layer 7 gave a presentation on cognitive security, which essentially means blocking attackers from compromising the brain itself. From optical illusions to instances like Cambridge Analytica’s practice of building psychographic profiles to target victims, brain hacks are here and getting more sophisticated, according to Dr. Canham.

misinformation_village.jpg
Misinformation Village information screen prior to Dr. Canham’s presentation. (Photo by Becky Bracken for Dark Reading)

8. The Traditions

This year was Michael Bargury’s debut on the DEF CON stage. That meant that before he kicked off his presentation about codeless malware, the CTO and cofounder of Zenity (and Dark Reading columnist) engaged in a DEF CON tradition… he did a shot, along with his “goon” who gave the introduction. After a few seconds and just one wince while the liquor went down, Bargury was officially inaugurated into the DEF CON speaker’s club and ready to go.

no_code_maleare.jpg
Bargury takes the podium following his inaugural shot of courage. (Photo by Becky Bracken for Dark Reading)