Posted on April 15th, 2013 No comments
More than 200 hackers have assembled in the dark conference rooms of the Fontainebleau Miami Beach with one goal in mind: attacking vulnerabilities.
Okay, it’s true that most of those attending the two-day Infiltrate Security Conference are defense contractors from various governments around the world. But unlike larger hacker conventions, such as Defcon or Black Hat, Infiltrate offers a single track for those who are focused on the offensive side of security issues, such as discovering vulnerabilities and exploiting networks and computers.
In the world of cyber security, going on the offensive is a $100 million market, said conference organizer Dave Aitel, CEO of Miami Beach-based security company Immunity Inc.
Aitel worked as a computer scientist with the NSA when he was 18 years old before he moved on to work as a consultant at @stake and then in 2002 formed his own software security company.
He created the conference, which ends Friday, three years ago as a way to bring white-hat, grey-hat and black-hat hackers together in an anonymous setting to discuss techniques to go on the offensive when being attacked by malicious hackers.
“A lot of these people are meeting up with old friends — some of whom have never met face-to-face,” he said.
Speakers at the conference spoke on issues ranging from hacking the NextGen Air Traffic Control system, why businesses should hack their attackers, and a talk from a local convicted felon who served two years in prison and was fined $171.5 million for his role in a $700 million Miami identity theft ring.
Stephen Watt, the man convicted in the theft ring, was expected to give his first public talk since his conviction on Friday. Watt created a program that was used by another Miami man, Albert Gonzalez, to steal millions of credit cards from TJ Maxx.
“You want to know all the sides of the story,” Aitel said. “And you can balance that with other speakers.”
For instance, Aitel brought on Chris Eagle, a senior lecturer of computer science at the Naval Postgraduate School who has interests in computer network operations, malware analysis and anti-reverse engineering techniques.
Each presenter at the conference had to go through a technical review board to make sure the information presented is both interesting and novel, Aitel said.
“We often talk to them on the phone and discuss their paper more in depth to see if they are in fact deep in the field or dancing around the subject,” he said.
The conference also holds formal training for attendees to discuss web hacking, unethical hacking and a master class focused on modern exploit development.