An IT Security Update: What Hackers Do to Have Fun

IT security is no small issue.  It’s not just your computer against a few random people out there who like to play pranks on other people’s computers.  There are actually organized hacker communities that provide platforms to collaborate, share best practices, boast about heroic breakthroughs and participate in all kinds of hacker “fun”.

Not all hackers involved in these groups fall under the unethical stereotype that probably comes to mind initially.  Some actually include federal agents, corporate IT professionals, lawyers and people who want to find out what latest attacks their systems are up against.  However, keep in mind that many of these public resources are openly available to unethical hackers as well.

Some  8000 people gather in Las Vegas each summer for DEF CON,  the largest and longest running underground hacking conference.  The conference organizers call themselves “goons” and go by names like “Priest” “Dead Addict” and “The Dark Tangent”.  The wireless network at the conference is nicknamed “the world’s most hostile network’ (as an attempt at flattery, so they say).  Besides discussing  computer security, the event includes all kinds of other hacker-friendly fun like  Capture the Flag  (where teams attempt to attack and defend computers and networks) and Spot the Fed (where everyone  tries to pick out the Federal agents from among the attendees by calling people up on stage and asking them questions).

The “Spot the Fed” contest took an interesting turn at a recent conference when the conference organizers changed it to “Spot the Reporter” to expose a Dateline NBC reporter who was there undercover trying to catch attendees admitting to crimes on a hidden camera .  The event organizers were alerted of her intentions prior to the event and even contacted her several times to ask her to register as press.  So, when she persisted to turn down their requests and showed up at the event as a regular attendee with the hidden camera, they decided to call her out publically in their new game called “Spot the Reporter”.  However, before they got a chance to call her to the stage, she bolted (followed by several hundred angry attendees and registered reporters).

The word on the street is that by the time she had made it to the airport, the hackers back at DEF CON had all of her personal information pulled up on the conference projectors and website- including her social security number, address, and  flight information.  The lesson here is don’t mess with hackers.

As professionals in the accounting industry we all need to commit to keeping our systems as secure as possible.  You might be surprised to know the most effective thing you can do to minimize your risk related to hackers is to keep Windows up-to-date.  Each week there’s potential that Microsoft will release an update that addresses some sort of security flaw.  If your firm hasn’t adopted a set of tools and policies to ensure these updates are regularly completed, please don’t hesitate to give us a ring so we can point you in the right direction.

By the way, if you happen to want a more in-depth retelling of the reporter incident mentioned above, here’s a link to an article with some footage caught on tape.