Tech+ Blog: Bay Area IT Security & Consulting News

Lessons Learned on IT Security at Defcon26 and BlackHat

Aug 13, 2018

Tech Plus at Defcon26 2018

This last weekend was fun, educational, and exhilarating. I was lucky enough to get to represent Tech+ at both BlackHat and Defcon - the two largest hacking and IT Security conferences in the world, held annually in Las Vegas, NV.

I learned so much that I am going to split this into a few blog posts. My biggest takeaway from the convention was just how important IT Security is today. I went to several talks and demos, and spoke with numerous IT security researchers and security professionals.

One of my favorite talks was a Skytalk on Incident Response, and what a small IT team did following a cyberattack on a small hospital.

The presenter went over how their hospital got hacked through a third-party vendor's mismanaged server, what actually happened during and following the attack, the mistakes they made, and how they could have prevented it. My biggest takeaway from that talk was just how important a good firewall is, along with properly setting up subnets, security policies, and VPN access. Had this hospital configured the vendor server with the least possible access, the attack would not have spread the way it did. Another lesson was just how important backups are, along with testing those backups. During a disaster you want to be able to get things back up and running as fast as possible without having to think too much. At Tech+ we test backups for our managed IT support clients weekly, as well as doing bi-annual disaster drills, and hearing this Skytalk at Defcon really reminded me why this is so important.

Tech Plus Defcon Bio Hacking Village

My Defcon trip also took a stop at the Biohacking Village, where I got to see firsthand medical devices being hacked, and learn about the life and death consequences this can cause. IT Security is really, really important in the medical field. This is especially true when looking at stuff like insulin pumps, infusion pumps, blood sensors, EKG monitors, pacemakers, and other wearable devices.

I even saw a demo where a hacker was able to take control of an EKG monitoring device and simulate a heart attack on the screen, or, what's worse, simulate perfect health and silence the alerts, which could have life/death consequences.

Another stop during my weekend was the packet capture and packet hacking village. This is the home of the infamous 'Wall of Sheep', which shows usernames and passwords that have been captured through Wi-Fi sniffing.

Wall of Sheep at Defcon26 Tech Plus Oakland

Here I learned the importance of a VPN to secure all traffic and keep users protected. Our iPhones at Tech+ had a special VPN profile set up so that for the entire weekend the VPN was automatically established and enforced 24/7 on both cellular 4G LTE and Wi-Fi networks. We are going to look at trying to roll this technology out to more of our customers.

Tech Plus at Defcon26 Hacker Hat

Pictured here is another attendee who built a hat with a battery-powered device called a Pineapple on it. I will go into this and how it works in my next blog post.

The con was crazy with me getting 4-5 hours of sleep at most a night. There was stuff going on 24/7 for 4 straight days and that was just the Defcon portion of the trip.