Hacker Con Impressions: Leap or Loiter?
Last week, we attended the premier conference for offensive cyber operations and training. It drew federal and commercial professionals from all around the world who are 100% focused on the offense at the source code level. There is no change to our sector view based on the conference — we continue to believe there is tremendous investment opportunity in developing and acquiring offensively-based cyber capability.
We weren’t too surprised by the technical advances we saw:
- Hackers continue to feel they are the underground — despite incredible focus on cyber security
- Stunning astuteness of real-time offensive capability by foreign actors
- Frustration with apparent US reluctance to “fight back”
- Motivated by budget dollars spent in this area
- Evolving denial of service capability in unclassified channels — better, faster, cheaper heap, kernel, application-level and wireless exploits were demonstrated
- Integration of capability in unclassified channels — automated exploitation platforms, firmware as the access point to exploit software, and social engineering targeting techniques were demonstrated
- Scoffed at increased investment by software developers in enterprise-level hardening. Demonstrations showcased the increasing ease of accessing core central system files, given that in most cases “Python glue” was used to stitch together the same old vulnerable code
What we didn’t see:
- Discussion around policy development for the offense to more formally engage in the dialog on worldwide cyber security protection, or programs to develop advanced mathematics, computer science and related fields of study that promote and nurture the fundamentals of offensive operations
- Distinct research and development roadmaps to develop gap capability — the next wave of high-value targets and techniques seems to be less obvious as the low-hanging fruit has largely been commoditized
- Aggressive extension of offensive techniques to emerging domains (SCADA, other critical infrastructure and national assets)
We continue to believe full integration of and leadership from the offensive community into every facet of the cyber dialog is crucial to unlocking the step up to next generation offensive techniques — and thus evolved defensive solutions.