Ideas fresh off the wire

Highwire PR at Black Hat USA 2015

Leave your smart phones, tablets, drones, rifles and cars at home (yeah, I said rifles). This year’s 18th annual Black Hat USA is boasting some seriously cool sessions from hacking sniper rifles to remotely killing a Jeep on the highway to cloning payment devices. Highwire PR’s security practice will be there front and center alongside corporate information security professionals, government infosec pros – oh and hackers.

To say security is a major concern to all is an understatement usa-v2-inactive– just in the past few months we’ve seen the largest government breach to date when the Office of Personnel Management was hacked leaving more than 20 million vulnerable, a vulnerability called Stagefright that can affect millions with just one text message, and to round that out: data breaches are paving the way for a significant jump in cybersecurity funding. This year’s Black Hat attendees are getting ready to learn, network and attend a solid lineup of must-see presentations.

So what session’s are Highwire’s security pros looking forward to most?

Bill Bode, account director
I’m sort of a space nerd (ask me about my idea for my space-themed dive bar, “Space Bar.”) This, combined with my interest in security makes my most anticipated talk a no brainer: Colby Moore from Synack will be taking Black Hat attendees step by step on how to hack a satellite, with real world attack vulnerabilities in his talk, Spread Spectrum Satcom Hacking: Attacking the GlobalStar Simplex Data Service. I wouldn’t miss it for the world (get it?)

Pete Johnson, account manager
The one I’m most excited about is “Remote Exploitation of an Unaltered Passenger Vehicle” by Charlie Miller & Chris Valasek. Andy Greenberg at Wired published a really crazy piece about Miller & Valasek’s research last week—with arguably the best lede in an article I’ve read all year. Given the rapid shift toward connected cars and the industry’s race to usher in a driverless future, these kinds of exploits raise a lot of questions (if you were a fan of Michael Hastings’ work for Rolling Stone, you’ll probably find yourself fighting some gnawing questions).

Denise Schenasi, senior account executive
I’m interested in the session on, “Back doors and front doors breaking the unbreakable system“. Given the recent U.S. Government hack and the increasingly rampant cyber and insider threats on government institutions and their employees, it’ll be interesting to see what this session adds to the industry debate- and their thoughts on whether the government should – or shouldn’t – have backdoor access to encrypted data.

Isaac Steinmetz, account executive
This presentation on “Android Security State of the Union” should be especially interesting given the recent attention that Stagefright garnered. The presentation will draw on data derived from “hundreds of millions” of devices in order to highlight some of the most pressing Android security issues. The scale of this research alone is impressive. Furthermore, it’s extremely timely, as we’re faced with a vulnerability that could affect close to 1 billion Android devices.

Mariah Robertson, account associate
Pen Testing a City” sounds like it’s going to be a really interesting talk. As our world becomes increasingly connected, and the idea of hacking airplanes and critical infrastructure becomes a bit more real (and terrifying), it will be interesting to hear about what could happen if hackers were to take down an entire city! Is your city prepared for this kind of attack?

Laura Pezzini, account associate
las-vegas-04Bringing a Cannon to a Knife Fight” should be really interesting — considering how deeply governments worldwide are now involved in trying to boost security efforts, it’s fascinating that the Chinese Communist Party literally has a weapon called the “Great Cannon” to suppress any sites they deem against their agenda with a casual DDoS attack.

Alexi Foster, account associate
Whenever we are hit with a major breach, there seems to be a lot of skepticism around human error, activity, and response. The talk on “Automated Human Vulnerability Scanning with AVA” will be interesting to learn if/how we can test human response to security incidents, and what the behavior analysis finds.

Devon Swanson, account associate
The talk on “Exploiting IT Analytics to Create a Human Layer Security Initiative” is one I have my eye on because Dtex examines the “people-centric” aspect of security that leads to insider threats. This workshop actually sounds super interesting by examining user analytics for the human layer of security threats.

Interested in meeting with Highwire PR at Black Hat this year? Email us at Hi@HighwirePR.com