Black Hat Security Conference Sees New Focus on Preventing Brazen Attacks

Advertisement
By Associated Press | Updated: 27 July 2017 11:18 IST

Against a backdrop of cyber-attacks that amount to full-fledged sabotage, Facebook chief security officer Alex Stamos brought a sobering message to the hackers and security experts assembled at the Black Hat conference in Las Vegas. In effect, he said, it's time to grow up.

Too many security researchers, he suggested, are focused on "really sexy, difficult problems" that don't address the common vulnerabilities that allow malware attacks to wreak havoc. And too many security-minded hackers seem intent on demonstrating newly discovered hacks, such as making an ATM spit out cash or taking remote control of an Internet-controlled car, rather than shoring up more mundane defenses.

Advertisement

While part of that reflects the healthy intellectual curiosity of hackers, it's also driven by marketing and economic incentives, Stamos said. "I appreciate the showmanship, but we need a little more thoughtfulness, a little less showmanship in our field," he told reporters after his speech.

Global attacks, serious damage
Since May, the world has been rocked by two major international cyber-attacks - the ransomware WannaCry and a likely state-sponsored attack called NotPetya that spread out of Ukraine. Those and other recent digital assaults have paralysed hospitals, disrupted commerce, caused blackouts and interfered with national elections.

Advertisement

Stamos himself was formerly the chief security officer at Yahoo, which last year disclosed breaches of more than a billion user accounts that dated back to 2013 and 2014.

Black Hat, now in its 20th year, has matured since what Stamos, a longtime attendee of the computer security conference, described as its "edgy and transgressive" early days. It has grown more professional and corporate over time.

Advertisement

Stamos called for a culture change among hackers and more emphasis on defense - and basic digital hygiene - over the thrilling hunt for undiscovered vulnerabilities. And he called for diversifying an industry that skews white and male, and generally showing more empathy for the people whom security professionals are tasked to protect.

"It's unfair for us to say that users should be better," said Stamos, challenging his profession to find better ways to help people solve the most common vulnerabilities, such as reuse of passwords , email phishing attempts , and not updating devices to patch bugs.

Advertisement

Building a wall, metaphorically
Stamos announced that Facebook is investing $1 million (roughly Rs. 6.4 crores) to encourage defensive security research through an upcoming contest.

He also revealed the company will contribute $500,000 to a Harvard University-based bipartisan election-security project. That effort will be co-led by former presidential campaign officials for Democrat Hillary Clinton and Republican Mitt Romney. Facebook and its rival Google will help create an information-sharing and analysis hub that Stamos said could help local officials and campaigns prevent attacks.

Stamos isn't the only one calling for a broader focus on defensive techniques.

"We should celebrate defense," said conference attendee Amit Yoran, CEO of Columbia, Maryland-based security firm Tenable, and a former cyber-security official during the administration of President George W. Bush. "We focus on the threat of the day, the attack of the day, instead of focusing on the foundational issues."

But some attendees - Stamos among them - also point out that the bug-squashing hacker ethos still plays an important foundational role in helping to understand what needs to be fixed.

"Every single hacker is going to start by attacking and trying to hack things," said Jaime Blasco, a chief scientist at San Mateo, California-based Alienvault, who has been trying to compromise systems since he was a 12-year-old growing up in Spain. "I don't think it's bad. If you want to be a good defender, you have to understand hackers, and you have to have been one of them to know what you're dealing with."

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Apple Reviews iPhone 17 Demand as Costs Rise Due to Memory Shortage: Report
  2. OTT Releases This Week: Peddi, Ikka, Balti, Dose, The Westies, and More
  3. Motorola Edge 70 Max to Launch in India On This Day
  4. Sony IER-M500 In-Ear Monitors Launched With 5mm Driver, Hi-Res Audio
  5. Vivo T5 Lite 5G Will Launch in India on This Date
  1. Tecno Camon 50 Ultra 5G India Launch Date Announced; Colourways and Amazon Availability Confirmed
  2. Apple Reportedly Reviews iPhone 17 Demand as Costs Rise Amid Ongoing Memory Shortage
  3. Interpol Traces $122 Million Crypto Wallet Connected to Romance Scam Network
  4. Hong Kong's Securities and Futures Commission Tightens Anti-Phishing Standards for Crypto Platforms
  5. Itel Zeno 100 Pro India Launch Date Announced as Company Teases Zeno 100 Lite Arrival, Key Features
  6. Sony RX10 V Compact Camera Launched With 20.1-Megapixel Sensor, 4K 120fps Video Recording and 25x Optical Zoom
  7. Motorola Edge 70 Max India Launch Date Announced; Design, Key Features Revealed
  8. Asus Vivobook 14, Vivobook 15 Refreshed With Intel Core Series 3 Processors: Price, Availability
  9. Call of Duty: Black Ops and Black Ops 2 Ports Released on PS4 and PS5
  10. Samsung Galaxy Z Fold 8, Z Fold 8 Ultra Prices Surface Ahead of Unpacked Launch Event
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.