- The Washington Times - Thursday, July 12, 2001

LAS VEGAS (AP) The same day high-tech professionals wrap up a meeting on securing computers and networks, a convention opens nearby for hackers who spend countless hours trying to break into computers and networks.
It's no scheduling slip, nor is it an attempt to spark a showdown on the Strip. Organizers and participants are expecting and counting on a lot of mingling this week.
Call it getting to know the enemy.
"It's an opportunity to meet and greet a fairly broad spectrum of people, from the people who break systems all the way to the people who protect them," said George Jelatis of Secure Computing Corp., a provider of access-control software and services for large companies.
Black Hat Briefings opened yesterday and runs through today. Def Con takes place just a few blocks away tonight through Sunday.
The two conferences are targeted at different audiences, but they share a common heritage. Jeff Moss, founder and organizer of both conferences, said 60 percent of those who attended Black Hat stayed for Def Con last year.
Created nine years ago for hackers to stay in touch, Def Con quickly gained a reputation as a wild underground affair that included a lot of partying, hacking games and contests to identify federal agents.
Although hackers and the professionals exchanged useful information on vulnerabilities and fixes, Def Con's notoriety sometimes was difficult to overcome.
"People were saying they couldn't get to Def Con because none of their bosses would ever sign off on it," Mr. Moss said. "They said if we could do a real show, they could get money for that."
So Mr. Moss initiated the Black Hat Briefings five years ago for computer-security professionals. The conference pays speakers, whether they are hackers, federal officials or corporate gurus. Conference goers pay more than $1,000 each, compared with Def Con's admission fee of $50.
"Somebody once said Black Hat is the university and Def Con is the frat party," he said. "That description has fit pretty well."
Black Hat has grown with the frequency and cost of computer crimes. According to the Computer Security Institute and the FBI, 85 percent of 538 companies, universities and government agencies surveyed said their networks were breached last year.
The 186 respondents who quantified the damage put their losses at $378 million. Last year, 249 companies said they lost a total of $266 million.
As networks and computers grow increasingly important, the stakes are higher than ever. Intrusions threaten credit-card numbers, personal medical information, national security, the econ-
omy and the reliability of utilities.
The Black Hat program includes discussions on the latest advances in detecting intrusions and tracking down culprits, next-generation e-mail viruses and security for wireless networking.
But why would a hacker who discovers a security problem want to disclose it? Mr. Moss said recognition not to mention a sense of doing a good deed builds confidence in the high-tech infrastructure.
Still, he added, hackers are facing increasing pressure from their peers to keep their findings secret. Another problem is that some wear both white and black hats being the good guys and the bad.
"They see a social benefit to having insecure systems," he said. "They say if you are out there making systems 100 percent secure, you're enabling governments and corporations to become more fascist."
Despite pressure on hackers to clam up and the hard times for the high-tech industry, Mr. Moss expects an increase in attendance at the Black Hat meetings over last year.
"Security is like doctors and policemen you always have to have it," he said. "It's not like the pool-repair guy, where when times get tough, you don't really need him."

LOAD COMMENTS ()

 

Click to Read More

Click to Hide