The briefings have been scheduled. The press releases are out. The party invitations have been sent. It’s time to get down and dirty with all things security at Black Hat 2016.
Over the past few months, we’ve seen a raging debate on encryption, various vulnerabilities in popular software and data breaches on multiple social media platforms. But one theme that has stayed the same is vulnerable Internet of Things (IoT) devices. In fact, this year at Black Hat, there will be 13 sessions related to keeping IoT connected devices secure and how to protect against having information on these devices breached. Similar to last year, the conference is once again offering a training session demonstrating how to attack smart devices.
The biggest reason behind this hacker craze is IoT’s absurdly large market, valued at around $812 billion per year and estimated to be as high as $1 trillion in the next five years. Most Americans use multiple connected devices every day, sometimes without even thinking about it. On an iPhone alone, users store heaps of extremely personal information no one would want to be made public (bank account information, credit card numbers, social media accounts, addresses, text messages, etc.), and hackers are having a field day breaking into devices that are not properly secured. Improvements in IoT security will be a major focus for security vendors as well as consumer corporations as the market expands and the demand for more interactive products increases.
When you gather the most brilliant minds in IT security in one building, all of whom have the ability to hack into even the slightest vulnerability in a network, who is going to protect the attendees from getting hacked? eWeek’s Sean Michael Kerner wrote about The Black Hat Network Operations Center, and its task to provide access to their network while still allowing hackers to maliciously attack each other. To me, the NOC is like a referee in a prize fight. They are going to let security experts show off their abilities and skills in demonstrating their advanced abilities, but they will be closely monitoring illegal activity. Black Hat’s WiFi network is open and not protected by any passwords, so attendees will often bring burner cell phones and keep all sensitive information stored securely off the network.
Walk anywhere on the Strip and you’ll see hacks. Our own team even saw a restaurant menu hacked! Anything is up for grabs.
Black Hat is just getting started, but we have already seen IoT take center stage. What do you think will be the biggest story to come out the next few days?