Blackhat 2011 – Briefings Key Note and Stuff?
August 2011 by Michael Hayes CTO of B-4-U Inc. / ROBOTS-4-U
Over the last two years, Blackhat has been growing and changing, and this year was no exception. Attendance is up, vendors are out in full force and the speaker list is gelling. With this in mind, some of the major tracks this year cover “Bit Flow”, “Threat Intelligence” and “Breaking Software”. Of notable interest within threat intelligence are “Macs in the age of APT” and “Weapons of Targeted Attack”. Dan Kaminsky is also presenting “Black OPS of TCP/IP”, which looks like another key set of discussions.
The general sense is that a lot more issues are bubbling up to threaten the network, including the increased number of access points due to the preponderance of smart devices. This is clearly impacting the topology and security of the network as we know it.
The number of attack vectors that affect a Government, Institution or Enterprise is rising asymptotically, with new attack vectors based on texting, Web 2.0 threats, a variety of infrastructure threats, and smart devices. With the complexity of the network, the increased number of attack vectors, and the impact of WikiLeaks on corporate security, the challenges for the security professional are increasing.
Jeff Moss, as the lead executive for Blackhat, introduced a number of key facts:
- 15 years of Blackhat this year.
- Blackhat has been a good predictor of new threats, with short-term impact in 4 to 6 months.
- Blackhat is moving back to its roots, with a speaker review board and more technical presentations.
- Trends continue to deal with Data Loss, Business Continuity and Web Access 2.0.
- The USA has published its National Cyber Security Goals and Policies and, maybe, the low-hanging fruit of Child Porn and SPAM, as universally agreed problems, can promote international efforts.
The message at Black Hat is that we are committed to Security and its members “Do It”. A CSO’s approach to Legacy systems and security is to treat it as insurance, while new applications and networks are discussed in terms of bottom line impact and ROI. Blackhat has come a long way in 15 years.
The Keynote speaker on day one was Ambassador Cofer Black of the USA. He introduced a number of issues and early warning signs of terrorism and related them to the world of INFOSEC and its global nature. He also related his TWILIGHT Moment, 4 Aug 2001, regarding the emerging threat of terrorism and its inevitable translation to the US reality of 9/11, and the potential challenge of the Cyber equivalent. He told the audience that there will be a major attack in the future, and it is now “Our” turn to help convince management and the leaders of both government and business that this will come and that we need to plan for it, whether it is an individual or a state-sponsored attack.
WARNING OF A MAJOR THREAT IN THE FUTURE.
The Crisis of Ambassador Cofer Black was 9/11 and Al Qaeda. Al Qaeda was originally thought of as a provider of funds to terrorist groups, not a player, but this view was wrong. The prevailing administration view at that time was that “Terrorism is funded by Nation States”, not by an independent organization providing its own funds and managing its own activity. The key concern today is that terrorist groups are focused on violence, not Cyber terrorism.
Again, the Ambassador highlighted that there is a parallel to the pre-9/11 event, that administration and corporate executives have not bought into the concept of a Cyber terrorist attack. The attack in cyber space is not just about bits and bytes being stolen, but the potential of a cyber attack translates to real damage of physical infrastructure and human life.
In the case of the pre-9/11 terrorist attack, it took a while for the administration to believe that a threat existed, and it is still a challenge for the next issue, the INFOSEC threat. In the 9/11 instance it was shocking and daunting; problems and threats took a while to validate, and this introduced delays in action. “Men’s minds are hard to adapt or understand unless it’s been a visceral experience for these leaders”.
What helped when 9/11 took place was that there were two years of preparation plans in case of attack; there was also the Afghan War Plan, and The World Wide Attack Matrix of 9500 contacts. These were dusted off and a clear approach, after we were hit, allowed local, state and national organizations to be galvanized into action.
The Analogy in the Cyber world may be more challenging. With the 10th anniversary of 9/11, there is an expectation of imminent collapse of Al Qaeda, but there is not a clear message concerning the Cyber threat. Key policy issues around attack and defense are slowly taking on a value to decision makers. Today's Mantra of “CBRN” (Chemical, Biological, Radiological and Nuclear) threats is being transformed into the new threat letters of “KBC” (Kinetic, Bacteriological, and Cyber). The World of terrorism has changed, driven by radicalization, targeting not only government agencies but also corporations that may be linked to, or icons of, our society.
The Rubicon of our Future has morphed from “expensive college pranks”, “hackers” and “crime” into “physical destruction and human destruction” with a Cyber attack on the Infrastructure. How do we respond? What does the DOD (Department of Defense) do in the event of this type of attack? When will it occur? How do we deal with a technical attack that results in physical and human damage?
What is the message the United States is giving to the world, and how will we respond to the correct assailant in a timely and effective manner?