event coverage

Security advice for security conferences (and for other events with a bullseye on them).

Finally, it’s worth considering some of the security advice peoples offered at Black Hat. It will serve as a good starting point for next year’s event, or indeed for any other event likely to attract the ministrations of hackers (Olympics, World Cups, other Black Hats, etc.).

Level 3's Dale Drew told us that Black Hat is “not for the faint of heart, from a security perspective." the CyberWire spoke with him about the conference. A lot of people at the conference—and at DefCon and BSides—were there to experiment with various hacks, and that alone should place anyone attending on the qui vive. Among the threats you could expect to encounter were spoofed Wi-Fi hotspots and rogue cellphone towers designed to intercept calls. Drew recommended taking to the event only devices wiped, without personal or business data, and then wiping and scanning those machines again upon your return. (Those devices should all have up-to-date patches installed.) He suggested you consider changing your passwords before you go, and changing them again after you return. Cellphone hotspots or a My-Fi are a better security bet than any conference Wi-Fi hotspots. He recommended disabling Bluetooth and carrying an NFC blocker to protect credit cards. Look closely at any ATMs you use (if you must use them at all—better to come with enough cash to meet your needs) and inspect them for signs that a skimmer might have been installed. And, of course, don’t accept or use any swag that connects with your device—USB drives, chargers, cables, extra batteries, and so on.

So enjoy your events, and enjoy your travels, and stay safe.