Black Hat's preliminary meetings and social events having run through last night, the conference opens its exhibit floor at 10:00 AM Pacific time today. The presentations in the Arsenal begin at about the same time. We'll be making the rounds through some of the briefings.
There are a great many products and solutions being announced and pitched at the event, as is always the case. There are links to some of those announcements below. Among the discussions gaining early attention are those on industrial control system (ICS) security, especially with respect to power grids; the prospects of artificial intelligence for cybersecurity (with some skeptical observations on its limitations); and trends in cybercrime (with a study on gray hats attracting attention).
One starting point for power grid security discussions is Cybereason's honeypot experiment, in which the company established a dummy power utility presence online and observed the focused attention it received from attackers. The attacks ranged from the usual low-level probes to a focused and patient campaign that apparently came from a nation-state. That this unnamed (probably unknown) nation-state showed a lower-than-expected level of sophistication suggests that it's not the usual Russian suspect so often mentioned in dispatches.
A Malwarebytes-commissioned study on "the true cost of cybercrime" reports a disturbing trend: the rise of the gray hats, those security professionals who keep their legitimate day jobs but moonlight in cybercrime, or at least in questionable and dodgy activities. The study concludes that one in twenty security professionals in the US are "perceived" as gray hats, and the fraction is much higher in some other parts of the world. How close the perception is to the reality may be open to debate (the prevalence of hacker-chic style in the security community may inflate it) but it's an unpleasant conclusion to contemplate.
And Comodo has issued a challenge to the anti-virus community. They call it the "Zero-Day Challenge," and they intend to use it to expose what they regard as over-hyped claims for the efficacy of artificial intelligence in threat detection. That AI has value in detection seems beyond serious dispute, but Comodo appears concerned to debunk some of the larger, silver-bullet claims that would anthropomorphize the popular family of technologies. We'll take a look this week and see how the Challenge progresses.