It’s Day 3 of Black Hat 2015, a major conference for cybersecurity professionals. With over 9,000 attendees expected, the conference addresses major issues facing top information security officers at businesses around the world.
What are the key briefings for businesses to catch? The Cipher Brief gives you the skinny on the must-see presentations of the week.
Briefings for Businesses
Abusing Windows Management Instrumentation to Build a Persistent, Asynchronous, and Fileless Backdoor — August 5
Ever use Windows? This briefing will demonstrate a new technique used by hackers that exploits software present in essentially all Windows operating systems. By creating a persistent “backdoor” into a system, it allows thieves to steal data while leaving very little trace of the intrusion. The OPM hack highlighted the damage that advanced persistent threats (APTs) such as this can do once established in a network.
Breaking Access Controls with Blekey — August 6
Is your office secured by a key card? This briefing demonstrates how to use open-source hardware to fool RFID scanners or easily copy RFID cards. This hardware would essentially create a skeleton key that could open any RFID lock – changing the game for the physical security of any building.
How to Implement IT Security After a Cyber Meltdown — August 6
Everyone would prefer to avoid being hacked at all, but if it happens, response plans are critical. This briefing examines Saudi Aramco’s recovery from the 2012 cyberattack against its core business systems. Concerned businesses can take notes on this firsthand account of lessons learned on robust cybersecurity postures and effective post-attack recovery plans.
Threat Detection & Vulnerability Assessment
Why Security Data Science Matters and How It’s Different: Pitfalls and Promises of Data Science Based Breach Detection and Threat Intelligence — August 5
Data science can be a powerful tool for enhancing malware detection, improving network security and augmenting threat intelligence activities. By leveraging big data analytics, cybersecurity professionals can find trends in past and present hacking attempts.
However, the integration of data science into cybersecurity has not been smooth or seamless. This session will discuss bridging the gap between these two disciplines to make networks more resistant to penetration and better able to detect and eject intruders.
Automated Human Vulnerability Scanning with AVA — August 6
IT professionals know that the single greatest flaw in any cybersecurity system is the people who use it. Your own employees might — unintentionally — be the greatest threat to your network. This briefing introduces a program that allows users to systematically assess vulnerabilities represented by “the human factor.” Ideally, programs like this would allow businesses to target training to minimize risk.
Defeating Machine Learning: What your Security Vendor is Not Telling You — August 6
Machine learning algorithms allow computers to learn from past information and make decisions about new information. In theory, machine learning would help humans create network-monitoring programs that could identify breaches automatically.
However, the field of machine learning is not quite there yet. This briefing will give business leaders a balanced estimation of the utility of machine learning, helping cut through the hype and inform purchasing decisions about security systems.
Threats to Physical Assets
Remote Exploitation of an Unaltered Passenger Vehicle — August 5
Wired magazine recently released an article in which two hackers seized control of a Jeep Cherokee while it was in motion. This article created a conversation about the degree to which cars are now susceptible to cyberattacks.
The two hackers are telling their story at Black Hat, and their briefing is a must-see for the automotive industry and any business that depends on automobiles at any point in its supply chain.
Remote Physical Damage 101: Bread and Butter Attacks — August 6
Creating a program that can damage physical hardware is difficult, time-consuming, and requires a deep understanding of the target. This briefing, however, demonstrates that by focusing on commonly found systems, such as controls for valves and pumps, hackers can cause large-scale chaos. This session will focus on minimizing vulnerabilities in systems that, if damaged, would have wide-ranging effects.
Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion — August 6
What if you’re being hacked and you don’t know it? This session also covers the use of cyber-techniques to damage physical assets, but with a key difference: how the hackers obscure the source of the damage and prevent victims from realizing that they are being hacked at all.
When IoT Attacks: Hacking a Linux-Powered Rifle — August 6
The title says it all. The briefers will describe how they managed to hack, misdirect, and control a “smart” rifle. This will highlight a stark example of the potential vulnerabilities and threats that are endemic to the growing Internet of Things (IoT). The implications will likely have a strong effect on how smart technologies are developed and released in the future. A must-see.
These are just a sample of the briefings at Black Hat this year, with others touching on topics like understanding mobile phone malware, assessing a city’s vulnerability to cyberattacks, hacking satellite communications, and many more.
Luke Penn-Hall is an analyst at the Cipher Brief.