Menu

Cybersecurity Conventions: A Newcomer's Perspective

First, let me start by saying yes, I will be doing a follow-up to RFID blocking wallets. I’m still testing this material and only had one manufacturer who sent me equipment for the Pepsi Challenge. (You can send inquiries to info@weatheredsecurity.com.)

But let me talk now about cybersecurtiy conferences.

This year was my first attending one cybersecurity event and my second at another. I’m constantly amazed at how polite and receptive people are at these events. But for being a cybersecurity and awareness event, many people attending are oblivious to their digital exhaust. It also continues to surprise me that the hotels give no warnings to guests when these events are taking place.

Did you know that the Nevada State BAR exam took place the week before these events in Las Vegas? The BAR requests that applicants upload their essays from their hotels or other locations, so that it would not be an additional burden on the system at the testing facility. I found it interesting that the BAR Exam was encouraging people to use their hotels open Wi-Fi to up load the essays. That compounded with the fact it is literally the Friday before two cybersecurity events start. It was amazing to me they would be so careless. Did they not know they were about to host a hacker convention?

How did I prepare for the conferences and what did I see there?

charging stationOn the way to the event, we started noting small things from past articles we will revisit. First, I noticed the number of people that were using USB charging stations in the airports—many on their way to a cybersecurity conference. We also saw another interesting charging option.

These charging stations are nothing new, but the next one is more recent and beginning to show up more often.

fuel rodFrom these stations, you get one charging cell then return it for a new one; this sounds great, does it not? I have reached out to Fuel Rod. They stated that each rod that is returned is refurbished and then redistributed. This may be a safer option than using public USB charging stations. We were not able to find out what is checked for during the refurbishing process, but I would recommend still using a data blocker if you consider this option.

In the past year, at least two USB exploits have been released for cellular devices while charging.  If you are traveling overseas, I definitely would not trust these devices without a data blocker. Again, this may just be my own paranoia talking. I have not heard of this being done with Fuel Rod, so it is a preemptive precaution. The company was not able to answer my questions about how much goes into the refurbishing process and data blocking checks they may, or may not, do; I am still waiting for a call back.

The next area that caught my eye, was how many people in the conference classes used the Wi-Fi with their regular work computers, personal computers, and cell phones. I am not saying that network is unsafe, but using your regular computer may be a bad idea.

I understand that at this point, some of you are asking what you should use. I used thumb drives; you can also thumb-boot Windows, Linux, or even MAC. This helps you avoid exposing your system. There are still possible risks, but they are much smaller, especially if you’re using a live ISO. If you are at a cybersecurity convention that is followed by another hacker event, you may want to give yourself a layer or two of insulation. Encrypt your system, then when you are at the convention you should thumb-boot the operating system you want to use.

I’d still use a VPN and avoid sensitive accounts, but this makes it possible to participate in a class at this type of event and not compromise your system. We actually teach students how to put multiple ISO’s on the same micro SD card. This is all open-source and should be something you look at doing anytime you travel overseas, also at cybersecurity/hacking events.

One of the biggest points of debate between fellow attendees and myself was whether we should use burner phones. A burner phone, like a bootable thumb drive, is not meant to have all your precious exposable data on it. Just because it is a burner does not make it safe. It is meant to give a layer of insulation to protect your valuable accounts. Do not log into your banking from a burner and think it is safe. That is equal to thinking that wearing body armor means you can get shot in the face and be okay.

Burner phones are a protective layer you use in less-than-desirable conditions. Yes, I have used a burner and that was the hot spot I used for internet access. No, I did not use that hot spot in the wireless village to check my mortgage paper work; know your environment and respect it.

My burner was one of the Nexus 6 phones we loaded with Kali Nethunter. It was jail broken and that makes it more vulnerable, but it did not link to anything that mattered. I did bring my regular phone but only used it a few times a day when I was away from the conference. No, I am by no means perfect, but my goal was to reduce my risk in the highest threat environments. Plus, I do have a life.

From what I observed, more people were actively using Wi-Fi and Bluetooth at one of the events than the other. That is a bit crazy since that one is filled with cyber-professionals who are supposed to teach and protect their companies about how to avoid losing information to hackers.

So let me recap: the basics we have spoken about before still should be considered.

  • If you do not own it, do not plug into or charge from it.
  • Use data blockers while charging, even on your own laptop; they cost less than $8.00.
  • Do not plug into anything in your hotel room, this includes connecting your HDMI cable from your company computer to the television.
  • If you would lecture one of the people who use your network or equipment for doing something—such as logging into public Wi-Fi—do not do it at a HACKING CONVENTION.
  • Bluetooth and Bluetooth devices should probably be left at home for these events.
  • Never sync Bluetooth with a rental car, ever.

I’d also like to encourage you to use thumb-bootable operating systems when overseas or at high-risk events. The use of a burner phone is just a tool to protect you with a layer of separation. If you let that device touch your sensitive accounts, you probably compromised your account.

Know your environment, and be a professional that takes the basic precautions to protect yourself and others.

Posted on August 31, 2016

Dale "Woody" Wooden

by Dale "Woody" Wooden

Weathered Security

← View more Blogs

This document was retrieved from https://www.rsaconference.com/blogs/cybersecurity-conventions-blackhat-defcon on Mon, 26 Sep 2016 18:27:09 -0400.
© 2016 EMC Corporation. All rights reserved.