Defcon and Black Hat Founder Jeff Moss talks of cyber security

Jeff Moss is the man behind the origins of famous Black Hat and Defcon, two of the most influential conferences dedicated to improve the hacking and security. In the hacking community he is also known as The Dark Tangent.

Jeff is a hacker, an entrepreneur and also the cybersecurity advisor for the US government.According to what he told the IBTimes UK, the people who came to the Black Hat are all grown up now. They are not just in IT, they are in management and became directors.

Talking about these changes, he said:  Its getting to the point where I’m hoping that pretty soon the term cyber kind of goes away. Its part of manufacturing, part of automotive, part of safety, part of medical – it’s part of everything and we can prefix it all. It is becoming so pervasive, it’s just, security.

After four years after founding Defcon, Black Hat emerged as an experimental enterprise-facing conference. This, Moss said, was largely due to attendees having to justify their tickets to their employers. In 2016, it takes place across Las Vegas, London, Washington DC and Abu Dhabi.

If Defcon was the hacking conference, Black Hat became the enterprise conference – before there was an enterprise, Moss explained. All my hacking and security buddies, we got together and I got them to talk about what they found interesting, what were their security research projects and what were they thinking of.

It turned out that people wanted to come along and hear what they had to say. Over the years, I realised that what Black Hat had turned into what sort of a crystal ball because […] it turns out that the people who got their hands deep in the mud, they can see whats coming.

Hackers and the three-letter agencies

Deep down – at its core – Defcon has always had a proud streak of rebellion. It remains to this day a place where hackers can brush shoulders, and sometimes be recruited, by a slew of secretive government agencies, usually with three letters to their name.

I love Defcon because its different. Its got a sense of fun but its really about individual discovery, Moss said. They are different, one is more self-exploration, joy of discovery and puzzle-solving and the other one is about professional development and future trends and training. They are complementary.

In some ways it seems that hackers and the government should not get along. After all, federal agencies and judges are after accused of handing down tough sentences to hackers and online activists, from Jeremy Hammond to Bradley Manning.

Moss acknowledges there is a conflict of interest and admits that – in a post-Snowdenworld – things have changed. Before the former NSA analyst released troves of classified data he said G-men were tolerated and, in turn, they put up with us.

He elaborated: After the Snowden leaks there was sort of a disconnect where trust was broken and I think its going to be a while before its repaired. Interestingly, Moss believes the ongoing hacks against the US government by suspected Kremlin-affiliated groups is mending this relationship.

I think one way or the other though the attacks of Russian against the United States in this election cycle is in a weird way repairing a lot of that, he said. Its made it more concrete, its oh, thats why we need an intelligence agency because there is actually bad people out there.

For nearly a decade, Moss has worked alongside the US government rather than against it. His other accolades include jobs with Internet Corporation for Assigned Names and Numbers (ICANN), the Council on Foreign Relations (CFR) and the Atlantic Council.

So, it turns out he holds a more nuanced view on hackers vs. the government. As he explains to IBTimes UK, its a complex situation the intelligence agencies find themselves in. Or as he puts it: Its just a big ball of conflicted emotion.

On the topic of should government store zero-days – the same type of alleged NSAexploits recently leaked into the public domain by a group called The Shadow Brokers – Moss said previously abstract concepts (do they use them or tell the companies about them?) are now commonplace.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil