Over the years, Black Hat has become one of the largest information security events in the world as cybersecurity has hit the mainstream. The event is known for putting the spotlight on security researchers and giving them a platform to share their latest work.
Black Hat is also a barometer for the top issues that are plaguing the cybersecurity industry right now. Here are four key storylines that were the talk of Black Hat USA 2017, held in Las Vegas last month:
- WannaCry: On May 12, a strain of ransomware known as WannaCry hit thousands of computers globally, encrypting data and demanding ransom payments paid in Bitcoin. WannaCry spread rapidly by exploiting a zero-day vulnerability, or security weakness, in Windows computers. Although the vulnerability was patched by Microsoft in March, many users did not install the patches, in turn allowing WannaCry to wreak havoc on the industry. The exploit, known as EternalBlue, is generally believed to have been developed by the U.S. National Security Agency (NSA) and was leaked online in April by a group called The Shadow Brokers. After the WannaCry ransomware attack hit, cybersecurity firm Symantec* found strong links between WannaCry and Lazarus, a group responsible for the Sony hack in 2014 and the theft of $81 million from the Bangladesh Central Bank in 2016. The largest ransomware attack in history, WannaCry has yielded about $143,000 for the attackers. The clean-up continues for the affected organizations and individuals.
- Petya: On June 27, a different strain of ransomware, known as Petya, hit many organizations internationally, particularly in Ukraine, where the attack originated. Petya used the same EternalBlue exploit as the WannaCry ransomware outbreak. It was later discovered by Kaspersky Lab and Comae Technologies founder Matt Suiche that Petya was a wiper disguised as ransomware. While ransomware is meant to encrypt data and make money, a wiper is designed to destroy and damage data. Even if victims paid the ransom, they weren’t able to retrieve their data. Ukraine’s state security service (SBU) accused Russia of being behind the Petya attack. Tensions between the two countries have been high since Russia annexed Crimea in 2014.
- Russia: It’s been more than a year since John Podesta (former chairman of the 2016 Hillary Clinton presidential campaign) received a spear phishing email that allowed Russian intelligence agencies to infiltrate the DNC’s computer systems. This led to DNC emails being leaked by WikiLeaks during the 2016 U.S. presidential election. Several cybersecurity firms, most notably CrowdStrike, and many U.S. intelligence agencies confirmed that Russia was responsible. The hack is still talked about today, and more information about it is still being uncovered. A Department of Homeland Security official revealed in late June that Russia targeted voting systems in up to 21 states, though there was no evidence that any votes were manipulated.
- Kaspersky Lab: Because of Russia’s involvement in hacking the DNC and the U.S. presidential election, one cybersecurity company in particular has been put under the microscope by the U.S. government. Moscow-based Kaspersky Lab is suspected of being too closely connected to the same Russian intelligence agencies accused of conducting cyberattacks against the United States. In response, the Trump administration last month removed Kaspersky from two lists of approved vendors used by U.S. government agencies to purchase technology equipment.
Eddy Rivera is an account executive, Technology, Edelman Chicago.
*Edelman client