27 C
Singapore
Sunday, December 8, 2024
HomeTravelAmericasAttending and surviving Blackhat USA

Attending and surviving Blackhat USA

Blackhat USA is a global security convention and possibly the largest in the world. Since its inception in 1997, the convention runs in several countries, with this USA hacker convention right here in Las Vegas being the largest and most popular globally. The weekend event was held at the Mandalay bay resort and casino. It saw around 19,000 security professionals from all over the world in attendance. Let’s check out how is it like attending and surviving Blackhat USA convention.

Trainings, briefings and conferences

Furthermore, if you enjoy talks, Blackhat USA offers a great variety of talks for both the offensive and defensive minded individual. The convention offers a packed briefing schedule comprising of a number of concurrent tracks happening at any time. Here are some notable main topics of discussion:

Briefing panels in Blackhat
Briefing panels in Blackhat. Covering topics from finds to vulnerability forensics.

Topics of interest

Moreover, hot topics this year includes Devops and Cloud security, such as accessing the host of AWS instances, and containers, namely those by docker and kubernetes. Also, there is a growing focus on emerging technologies such as autonomous and connected vehicles, blockchain, deepfakes (with emphasis on adversarial networks), up and coming 5G, among many others.

Typical briefing setting
Typical briefing setting, it can range from small panel room like this to giant halls seating hundreds.

Mass exploitation of vulnerabilities

Furthermore, past hot vulnerabilities such as BlueKeep and WannaCry quickly taught the world about eliminating legacy operating systems and defunct protocols. This should be a foremost priority. Other topics also include securing Internet connected devices valuable targets for eavesdropping or stealing confidential information.

One of the many panels on software vulnerabilities you can free hop on around the Blackhat briefing days.
One of the many panels on software vulnerabilities you can free hop on around the Blackhat briefing days.

More efficient DevOps

Moreover, Blackhat this year emphasized on concepts of DevSecOps. Also, automating DevOps security was shared as ways to meet both ever-increasing security and operational goals. It allows teams to keep pace with accelerated development schedules

Introducing the DevSecOps pipeline at Blackhat USA which breaks from traditional software development agile methods.
Introducing the DevSecOps pipeline which breaks from traditional software development agile methods.

Additionally, DevSecOps breaks from traditional software development agile methods.  It is as opposed to traditional separate quality assurance software teams decoupled from the coding teams. Also, by injecting ops and security responsibilities right into the development teams itself, this has benefits with more developer code-ownership, buy-in and let developers take their code more seriously. Henceforth, it reduces need for project handover, simplifies maintenance given how short software development cycles.

Network DevOps center

Also Blackhat is one of the few events where you can see rare opportunities for developers and enterprise work in tandem in addressing breaches before it happens. We see this live in the event Network Operations Center (NOC).

Blackhat Network Operations Center (NOC), where all the magic happens and one of the best demonstrations of DevSecOps
Blackhat Network Operations Center (NOC), where all the magic happens and one of the best demonstrations of DevSecOps.

Here, companies and devs work with ops as they run the event network possibly in one of the most hostile wireless networks in the world, during in the heart of the Blackhat event. They can detect any type of attacks immediately and dispatch staff to investigate. During the convention, you can visit the NOC and see the traffic maps and attacks happening right front of you.

blackhat-2019-016
NOC threat monitors
blackhat-2019-004
The briefing halls
blackhat-2019-014
Briefing schedules

Attacks by Nation states

Notably, cyber battlefront is always changing. While concepts of commercial malware and hacker tools on the commercial dark web aren’t new, a new worrying trend is nation-states employing them to mask their activities in commercial noise. This allows nation-states to be repeatedly to conduct operations against their targets, rather than creating unique custom (and identifiable) software. This makes it harder to trace the origins to nation-states.

Bounties Galore

Moreover, notable in the InfoSec scene is the presence of generous on Bounties to discover vulnerabilities in software. This promotes an open culture of ops, funded companies tech giants such as Apple and Microsoft. Also, Microsoft had also added prize money of $300,000 to its Azure bug bounty initiative. It is made open to researchers to encourage open exposure of any vulnerabilities of most prominent cloud computing platforms, in the spirit of sharing here at Blackhat USA.

Blackhat Trainings

Trainings usually start a week before the actual Blackhat event start date. It is tad like a “soft opening”. Having said that, each Blackhat USA instance begins with up to 4 days of technical trainings. Typical sessions cover a whole wealth of topics including Pentesting, cryptography, forensics, Internet of Things, malware, and industrial control systems (ICS). Also, trainings are usually conducted by commercial trainers who make a point to teach at Blackhat every year given the lucrative course fees. Trainings appeal to InfoSec, blue and red team hackers from beginner to advanced skill levels.

Furthermore, trainings at Blackhat are conducted in the convention center ball rooms for large classes or in a classroom environment for smaller practical groups requiring more hands-on. Notably, topics covering hands-on penetration testing and hacking classes demanding participants to bring their own computers and/or connect to training networks and/or VPNs to mass lecture style talks in large halls with hundreds of participants. Notably these training courses are rather expensive too. Courses range and are taught by a range of InfoSec companies or invited guests or speakers.

No worries about food

Food is never an issue at Blackhat USA. On training days, breakfast and lunch are provided, together with twice daily tea breaks held in the conference floors. On briefing days, only ticketed daily lunch is served. Though the food halls do open in mornings serving classic continental breakfast too.

Meals are served buffet style, all the food to keep you going for the day. Do note meal timings are very tight and you usually might not time for seconds
Meals are served buffet style, all the food to keep you going for the day. Do note meal timings are very tight and you usually might not time for seconds.

Moreover, this is served buffet-style where you use a ticket to enter the huge dining ground floor convention halls. I reckon this justifies the $2500 USD per attendee ticket. The halls serve fruits and bottled fruit juices during breakfast. I recommend grabbing a bottle to bring up to your training which you can drink in the afternoons if breakfast is too filling for you.

Crowds at mealtimes. There are plenty of food stands and crowd management by the staff.a You never have to wait over a couple of minutes for your food
Crowds at mealtimes. There are plenty of food stands and crowd management by the staff.a You never have to wait over a couple of minutes for your food.

Buffet food quality is generally decent of what you expect of hotel catered food. However, if you want something more premium or a beer, you will have to grab it at the hotel bars yourself. Still, you will never run out of outside food options here in Vegas. Fancy a Shack Shack or a Ramsay restaurant? you are covered too.

blackhat-2019-012
Dining halls
blackhat-2019-013
Food at breaks
blackhat-2019-044
Closed parties

Having said that, there is always an eatery not more than a block away, let be the large range of restaurants, bars and cafes within the Mandalay Bay Hotel, Casino and shops itself. At times, certain trade show companies will book out entire bars and restaurants for parties and networking events. Amazingly, some even offer free flow of Starbucks for an hour. Just be there before the queue does!

Blackhat Opening Ceremony

Moreover, the convention spans over an entire week. It starts proper on the 5th day of Blackhat, after the 4 training days. The opening ceremonies were huge, held at the Mandalay and casino convention center sports arena. This is where you get to realize the size of the event.

Blackhat opening ceremonies are huge, with an entire sports hall used for the initial keynote
Blackhat opening ceremonies are huge, with an entire sports hall used for the initial keynote.

Also, here, you get the event keynote and welcome address delivered person by the Blackhat founder and executive Committee, Mr Jeff Moss. Notablt, Jeff He has spent the last 17 years as founder and director of Black Hat and DefCon

Notably keynote topic speaks of the decentralisation of cyber security experts in software development teams. Where the concept of a centralised cyber department moving into members of individual software dev teams. The keynote also marks the day where Blackhat briefings and trade show convention starts. This is when the talks, briefings and companies come to life at the convention trade floor.

Surviving Blackhat

The six-day event can get rather hectic with several tracks running at any one time. Moreover, if you wish to make the most out of your Blackhat trip, it pays to come prepared knowing what topics and briefings you wish to attend.

Learn a thing or two with the experts over a beer! Lots of interesting stuff here
Learn a thing or two with the experts over a beer! Lots of interesting stuff here.

Hence, it is recommended to make a convention plan. You can do this running through the briefing schedule and plotting and prioritizing your desired talks to attend. Also, do keep in touch with the online schedule as opposed to the print version in the convention schedule as panels may get shifted or canceled at last minute (e.g. speakers held up at airport, etc.).

Check Blackhat USA online for the latest schedules as print schedules may not be updated as timely.
Check online for the latest schedules as print schedules may not be updated as timely.

Also, it is good to know you are pretty well taken care off as an attendee at Blackhat USA. Though most of the trainings and briefings are held on the upper 3 convention floors, certain panels and rest and relaxation rooms are located in the basement floors. You might want to keep a physical or digital handy floor plan to help you find the shortest distance between two places.

Attendee Discounted Accommodations

Notably, most hotels in the vicinity of the Mandalay Bay hotel runs discounted room rates. Mandalay and casino convention center is located on the south end of the Las Vegas strip in Nevada, USA.

The Mandalay bay, where Blackhat USA was held is well connected to other supporting hotels in the area. Especially if it is an MGM-operated hotel
The Mandalay bay, where Blackhat USA was held is well connected to other supporting hotels in the area. Especially if it is an MGM-operated hotel.

Here, several hotels similarly under the MGM hotels group such as Excalibur, Newyork Newyork and the Luxor offers discounted accommodation as a Blackhat attendee. Nightly rates can go at $70 a night without breakfast included. Notably, this is about half the average Las Vegas Hotel nightly room pricing. Do note the discounts also applies to days after the convention dates if you plan to stay in Vegas after the convention, or attend Blackhat too.

Additionally, the breakfast exclusion is not an issue as each of the hotels offers a food court selling really affordable food and opens early. Also, Blackhat itself offers meals within the convention hall anyway. Moreover, on getting there, the Mandalay Bay is walkable from Excalibur and the Luxor itself. Alternatively, you can also take the free courtesy monorail, just be sure you get on the right direction!

Dress light with comfortable shoes and a Jacket

Also, due to the size of the event spanning multiple halls, you will find yourself putting in a lot of steps daily. You can equip yourself with a step tracker for the Lols. Having said that, there are plenty of miles to cover between halls, conference rooms, bars, restaurants as you make your way through your schedule.

There is alot to see and do here at Blackhat USA. Unless you have formal business to attend, prioritize comfortable clothing and shoes over looks here
There is alot to see and do here at Blackhat USA. Unless you have formal business to attend, prioritize comfortable clothing and shoes over looks here. It can be along day!

Moreover, when you’re not walking, you’re going to be spending a lot of time standing. There is just so much to see at anytime. Hence, do wear good walking shoes, such as trainers or soft-soled walking shoes. Comfort is key here and not fashion. There are no formal dress codes here and you are fine even in Berms, shorts and trainers. It is after all, sunny Vegas!

The Blackhat trade floor. It can get rather freezing indoors at certain areas of the halls. So do bring a light jacket if do.

Also, it gets freezing in the desert. Well, meaning, the convention halls can be very chilly. The hotels usually run the air-conditioning at full blast during the convention. It can get rather chilly indoors, especially in the training rooms. So yes, as ridiculous as it sounds, do bring a light jacket to your trip in the desert.

So many briefings to attend

Notably, with at least 4-5 panel tracks on at anytime, you can’t be at all briefings. Hence, you have to decide and pick the ones you need to attend which clashes on similar timeslots. However, in the event if you wish to attend 2 sessions at once, a tactic I would recommend is to split the session between the two.

Hack an ATM? We got you covered here at Blackhat
Hack an ATM? We got you covered here at Blackhat.

Sit at the back of the hall on your first half makes a mid-point exit to your next venue easier and less disruptive to attendees. Unlike DEFCON briefings, Blackhat talks and panels seldom end early and usually stretch out for the entire hour they are given, so you are usually good for new content on the second half. Alternatively, you can shell out some cash for blackhat’s pre-recordings to watch all panels at your own time.

Huge Tradeshow

Moreover, Blackhat USA trade show has a very vendor‐neutral community. The professional trade show portion of the convention is brought together leading professionals from the InfoSec community. This includes those from public and private sector, academia, and research. The event is huge, spanning over 3 convention center halls in the Mandalay Bay itself.

3 convention halls of end to end InfoSec goodness. Possibly the mecha of corporate Information security and hacking
3 convention halls of end to end InfoSec goodness. Possibly the mecha of corporate Information security and hacking.

Here, you see big-name companies such as f5, crowdstrike, Malwarebtyes, Rapid, and IBM Security present at their briefings as well as their booths in the trade halls. Even Facebook Security were around looking for hires into their internal security teams.

No expense was spared in most of the booths here. They area huge
No expense was spared in most of the booths here. And boy are they huge.

Also, it is not uncommon to see large groups of patrons gathering at booths. Some of these booths can rather extensive, with huge seating and demo areas. Here, staff can do 1-1 intros share the most critical, actionable security research and insights through cutting‐edge conferences and educational programs.

Group briefings by various vendors, Rapid in this case
Group briefings by various vendors, Rapid in this case.

What a free T-shirt?

Furthermore, it appears that the software and cyber security conventions spare no expense on booth budgets, particular on the gifts they give out to entice visitors to find out more or promote their products.

blackhat-2019-022
Showfloor
blackhat-2019-027
Custom Shirts
blackhat-2019-021
Custom Loot!

Hence, it is not uncommon to find booths generously dishing out company-branded electronics and T-shirts as gifts. Some booth even provides gift tokens after sitting through their presentation sessions, such as custom printed T-shirts. I had a friend who won a Nintendo NES gaming system just from spinning a wheel at a booth.

A participating company of the Blackhat Passport treasure hunt, identified by these signs on their booths
A participating company of the Blackhat Passport treasure hunt, identified by these signs on their booths.

Also, interestingly, Blackhat runs a Passport treasure hunt thing. It encourages you to visit them, where you can collect stamps from participating companies where you can swap a completed stamped entry for prizes.

blackhat-2019-033
IBM security
blackhat-2019-039
Convention Dogs!
blackhat-2019-023
Book signings

Some company booths even better others by providing custom pressed shirts made on-the-spot. Other notable tangibles includes gifts such as toy swords, and signed books on topics of InfoSec, Penetration testing where you can meet the authors themselves. Of course, there is no obligation to take any of them.

Georgia Weidman at her book signing session
Georgia Weidman at her Pentesting book signing session.

Hands-on Arsenal Section

Besides talks, the tradeshow area is also home to the Arsenal Lab. Blackhat Arsenal is where you can view and try out live demos and exploits in a science fair setting. Moreover, this activity area had been around for 10 years. We see a new layout allowing more hands-on for attendees to play with hardware, ICS gear, and IoT devices in a controlled environment.

The Arsenal sits in one of the 3 halls and provides attendees a schedule of more informal and hands-on style of learning
The Arsenal sits in one of the 3 halls and provides attendees a packed schedule of more informal and hands-on style of learning.

Also, the Arsenal provides a unique opportunity to mingle with Arsenal veterans, Blackhat USA Trainers, researchers and enthusiasts from the open-source community running these small panel sessions. Topics includes demonstration of their developed open-source tools and findings over the past year. You can typically find easily over 100 tools being showcased during the event.

blackhat-2019-037
Arsenal classes
blackhat-2019-040
Arsenal 3d prints
blackhat-2019-041
Boards hand on

Additionally, you can approach various hacking tools through a class room style cohesive environment or actually getting your hands dirty with tools.

Yes, step by step instructions...
Yes, step by step instructions…

On my visit, I got to meet receipts of the Pwnie awards. The award resembles a gold My Little Pony toy. The Pwnie Awards recognize both excellence and incompetence in the field of information security.

Got Pwnie Awards?
Got Pwnie Awards?

Official Blackhat Swag everyone can’t get enough

Moreover, if you can’t get enough of swag at the convention area, you can check out the official Blackhat gift shop, operated by Moxie merchandising. The shop sells official convention goods.

You can find lots of stuff with the Blackhat logo on it. At a premium too
You can find lots of stuff with the Blackhat logo on it. At a premium too!

Additionally, I found the items on sale tad overpriced. But they still sit in the realm of affordability. However, despite this, it is not uncommon to see long queues in store. A walk around sees the usual merchandise of apparel, bags, mugs, stickers and pins. A hoodie and bag costs at least $50 USD a pop, premium bags and briefcases can cost upwards of $200 USD. It is not uncommon to see attendees with purchases in the range of hundreds of dollars.

Merchandise of apparel, bags, mugs, stickers and pins. You name it, and it does get packed too
Merchandise of apparel, bags, mugs, stickers and pins. You name it, and it does get packed too.

Notably, it signals the degree of disposal income these InfoSec attendees have. I guess when you are willing to take home a mark of the world’s most prominent hacker convention, people spare no expense on it.

Interestingly, the merchandise store sells out by pretty much by end of the convention. In addition, the convention also runs a book store on the training halls, where you can find several InfoSec books, as well as buy video recordings of the various on-going talks.

Hacker bookstore wares on sale in the convention halls
Hacker bookstore wares on sale in the convention halls.

In conclusion, I hope you find my experience and tips at Blackhat USA useful. It is a fanastic event, with lots to do at every corner. From trainings, briefings and the massive tradeshows, you name it. It is one big multinational potpourri of people coming into possibly one of the best InfoSec conventions in the world to date. After all, what happens in Vegas stays in Vegas right?

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles