Black Hat Conference Highlights Hacking Demos

Back in the 90s, hacking was considered a taboo practice among the PC community worldwide. The consensus has seemed to change somewhat in the 21st century, with more companies and federal institutions accepting and even inviting the more skilled hackers into their establishments.

The hacking community that exists today incorporates a series of "hats" to denote their respective professions in the hacking field, including white hats (testing Internet security) and blue hats (testing IT infrastructure before it goes online). However, those in the community known as black hats garner the most attention.

Black hats are those who violate Internet security with malicious intent, including taking information deemed classified and making it public (Anonymous and LulzSec, for example). Not all black hats are malicious, however. Some in the community simply hack devices to make them function differently.

Regardless of the black hat moniker, a group within that community decided to start a hacking conference of sorts. It has grown in popularity since its inception in 1997.

Known as the Black Hat conference, the symposium highlights hacking methods from the elite within the community, many of which can be downright frightening for those in the IT business.

Past demonstrations included hijacking WiFi, intercepting cellphone calls and text messages, and thwarting motion detectors using infrared lasers. As scary as those may sound to some in the security community, they are nothing compared to the level of manipulation the late Barnaby Jack was able to inflict on devices known to be incredibly secure. In 2010, the former director of security for IOActive demonstrated the ability to "jackpot" (exploit) ATM machines, making them dispense money without the need of a bank account. He was able to do so both remotely and physically by injecting malware into the machines' OS through the remote managing system, using default passwords to gain entry.

In 2011, he demonstrated how to hack an insulin pump wirelessly using a high-gain antenna up to 300 feet away, without the need of the pump's serial number to gain access. (Pumps are calibrated wirelessly by medical professionals using an individual device's serial number.) During the demonstration, he was able to make the pump deliver a dose of 25 units until draining the pump's reservoir, which would kill a normal patient outfitted with one.

If that wasn't frightening enough, in 2012 Barnaby demonstrated the ability to hack a pacemaker, delivering enough lethal voltage to effectively assassinate its user! His exploits caught the attention of the Food and Drug Administration (FDA), where his testimony forced the agency to change its regulations regarding wireless medical devices.

Of course, attendees of the conference display their skills through antics by hacking hotel TV services (to watch pay-per-view for free), hacking the ATMs in the venue's lobby, and passing around a thumb-drive that introduced the Conficker virus, resulting in the infection of millions of computers.

What will the next conference bring forth from the black hat community? Only the lucky few who manage to get passes will know before the rest of us, unless of course you're able to hack the site to get them.

Related posts: