Staying Secure At Black Hat and DEFCON – Quick Tips to Keep You Off the Wall of Sheep
Security conferences, such as Black Hat and DEFCON, are notorious for highlighting the security missteps that attendees may expose themselves to.
In the real world, many of these overlooked best practices (i.e. - Oops, forgot to get my VPN up before I responded to that email) don't have serious ramifications. But these conferences are different. Even the whitest of hats can get a little dusty gray at these conferences, and the competitive spirit pervades. A little trolling may arise here that wouldn't necessarily be common at most gatherings of security professionals. This is further fostered by the "Wall of Sheep" forum that allows for a public display of one-upmanship that permeates the atmosphere among colleagues and peers.
So how do you protect yourself from being identified as "that guy," with your name and credentials broadcasted to the entire community?
Most security professionals know that a dedicated, persistent hacker is likely to get in, even if you are practicing due diligence. But at Black Hat, between happy hours, intense briefing sessions, trainings, connecting with peers and the Circus Maximus feel of Caesars Palace, most hijinks won't be insanely persistent. A few good prep items, in addition to keeping your head on you shoulders, during the event can go a long way to keep you off the "Wall of Sheep."
Here are a few tips I've put together to help keep you and your organization from being shamed at the show:
Before You Go:
- Make sure you are fully patched with the latest AV, browser and other programs.
- Delete cookies and clear your web browser history and cache. Browser (and other application) caches offer a rich amount of information on the user. If a notebook is stolen, forensic software can be used on the device to quickly divulge large amounts of information on the user, identify their habits and access sensitive information.
- Encrypt sensitive files on your hard drive. If possible, go with full-disk encryption. There's a lot of seemingly trivial information that people forget to encrypt.
- Make a full backup of your computer and other devices prior to leaving for Las Vegas.
- Save all files you work on at the conference onto a cloud server or removable drive.
- Revert to this backup after you have returned.
While You are There (this should include traveling to and from, including airport locations, particularly at time of departure):
- Any device left alone is an invitation not just for theft, but compromise.
- Turn off your Bluetooth and Wi-Fi connections and any application that requires the use of these functions.
- Do not charge phones, computers or any other devices in charging stations or any public power outlet. USB or iPhone-ready power jacks are the most worrisome. Don't use them! They provide a direct data link to the connected device - and you don't know what (or who) is on the other end slurping that data.
- A great option would be to use a very small, low-cost portable battery pack that charges independently through an AC outlet. You can use this portable battery pack when traveling as it is a very safe and convenient way to recharge devices.
- Do not accept storage devices, USBs or files from people you don't know, no matter where you find them. That "conveniently-found" USB drive may get dropped into your bag, and pretty soon, you may forget where you acquired it and inadvertently use it later.
- If you carry any radio-frequency identification (RFID) enabled devices, such as your work badge, passport (some counties) or even some credit cards - it's best to leave them at home or in your hotel room.
- ATMs - Be cautious when using ATMs, especially machines close to the venue. Hackers can install card skimmers, or as they have done in the past, deliver a completely fake ATM machine to the hotel that hosted DEFCON in 2009.
- Wi-Fi Pineapples abound - be very weary of the wireless networks throughout the venue - and your entire stay at Black Hat.
- When using the hotel's internet, choose a wired connection in a room, if available.
- Use your VPN at all times. If you are working with sensitive information, use a wired connection with VPN.
- Avoid sending sensitive data while onsite.
- When roaming, if you have the option, use a 3G or 4G cellular modem for Internet access. It is the safest wireless option, though still not 100 percent secure.
If you are going to the conference and would like to connect, please reach out by dropping us a comment below. I would also be interested in hearing about any specific preparatory actions you take prior to or during security conferences of this nature.
I look forward to seeing many of you at Black Hat. Most of all, have fun - but remember to take the necessary precautions to keep your data safe.