Las Vegas Hacking Convention Exposes Security Flaws

What is Data Exfiltration and How to Prevent

While hacking has a place among many enthusiasts as a test of skill, almost on the level of an art form, the monetary side of the equation is probably the most visible to the public. By targeting heavily moneyed industries, these hackers can either attempt to take the currency for themselves or simply use their expertise to display flaws within the system that need addressing.

The latter appeared to the case for the latest annual DEF CON hacking convention, as it returned to its home in Las Vegas. Held at the Caesars Palace casino, this convention attracts a wide range of security industries and experts. From the expected hackers and crackers to researchers, federal government employees, and even lockpickers, if it deals with security, chances are it is addressed in some form at DEF CON.

This does raise the question as to why you would hold a security convention in a city so reliant on high-tech protection, and perhaps that’s the answer in itself. Using technology to get around gambling odds has been a controversial part of the gambling equation for years; whether roulette, slots, or any other classic game, hackers have tried to target everything at some time, with varying levels of success. Hosting DEF CON in Las Vegas makes a bold statement, one that associates Las Vegas and gambling with the most advanced security options available.

Making headlines in 2018 was an unusual ‘coincidence’ which occurred at the Linq casino, located across the street from the DEF CON convention. At one point, dozens of slot machines within this casino went dead simultaneously, either displaying an error message or going completely offline.

A spokesperson for the Linq made the claim that the timing of this event was entirely coincidental with the hacking convention across the street, but industry experts have questioned this official response. It is unusual for these machines to go offline at all, they claim, even in small numbers, so the idea that a wide range of them could go offline at once seems questionable at best.

Since the outage, there have been no reports of stolen money or data, though it should be noted that Las Vegas casinos tend to play their cards close to their chests in this regard, lest the reputation of their establishment suffers.

This attack, if it is that (and indications are strong), remains so questionable because of how pronounced the security in online casinos, the industry’s cousins, tends to be. In a way, this makes sense, as even to take advantage of offers like free spins with online casinos, players need first make a deposit, meaning even entering the virtual doors requires some level of protection.

As it turns out, this is far from the first incident to have occurred at DEF CON, with other cybercriminals and controversies showing their heads more than once.

One of the more pronounced on this front was the audacious installation of a fake ATM at the conference center where DEF CON was being held in 2009. During 2009’s event, the replica machine was able to capture data from a wide range of users, though the exact numbers of users affected are not known.

A later event in 2017 had notorious malware developer Marcus Hutchins arrested following his alleged involvement with the Kronos banking Trojan.

With so many world-class hackers from all over the world viewing DEF CON as the mecca of modern digital security, it’s not entirely surprising that the event has had such controversial moments. This is hardly a convention for criminals, however, as much of the technology and techniques shown at DEF CON have gone on to help secure the devices and systems which we use every day.

For those interested, the next DEF CON takes place in Caesars Palace and Flamingo on
August 9-12, 2019. With attendance expected at 28,000, this promises to be the biggest one yet and stands as a great opportunity to see what the world of online and digital security could bring next. This is where the next generation of casino security is born, both online and off, so perhaps its proximity within one of gambling’s central hubs is an effective way of getting a jump on concerns before they become real problems.

Kevin Jones951 Posts

Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.

0 Comments

Leave a Comment

Login

Welcome! Login in to your account

Remember me Lost your password?

Don't have account. Register

Lost Password
Register