Black Hat USA 2018 Recap: 3 Security Things You Must Know

Black Hat USA 2018 opened our eyes to the next generation of security threats. Here’s what you need to do to keep your company’s data safe from hackers.

Black Hat USA 2018 gave attendees an insider’s look at the exploits that will soon make headlines.

Sean Metcalf, CTO of Trimarc discussed a new Active Directory exploit that creates undetectable admins. These “admins” can view all of your sensitive data, change your security settings, and control your environment. The users eventually expire – leaving no record trail behind. Once this exploit gains access to your Active Directory, it can take months or even years for you to identify it.

Researchers from Tencent Keen Security Lab explained how to find and exploit memory corruption bugs in smartphones. They also showed how hackers could compromise an Android device via an access point from a rogue cell phone tower. They took complete control of the device and removed data from it.

Cybersecurity researcher, Christopher Domas, also demonstrated that some x86 CPUs have backdoors that allow hackers to gain admin privileges. He referred to this as unlocking “God Mode.” Domas found these backdoors on a chipset made in 2003. However, it is likely that they exist in other chipsets.

3 Critical Lessons from Black Hat USA 2018

Black Hat USA 2018 took place in Las Vegas. This was fitting, as many enterprises gamble with their data. They treat their IT security like a reverse game of roulette and hope that hackers don’t land on their number.

For example, they may hire security professionals who aren’t qualified or ignore the latest exploits. They also may lack resources that give them a detailed view of their environment and threats.

But as the saying goes, “knowledge is power.”

The knowledge gained from Black Hat USA 2018 can help you get clear on your risks and define your security strategy for the next year.

Here are our top three takeaways from the event:

1. Get comfortable being uncomfortable

Is your security team causing conflict within your enterprise?

If not, they aren’t doing their jobs.

It’s up to your team to identify security threats and start discussions about what you must do to keep your data safe.

These discussions won’t always be easy.

In fact, they will often lead to disagreements and arguments. However, to gain an accurate understanding of your risks, you must get comfortable with being uncomfortable. In particular, you need to feel uncomfortable about the fact that you will always have security risks.

No one is 100 percent secure.

If you don’t hear about any problems from your security team, it’s not because you’re secure. It’s likely because they haven’t identified your vulnerabilities. When it comes to your security, no news is not good news.

Your security group can’t just maintain the status quo or ensure you pass audits. If they do this, the hackers will always be a few steps ahead of you. Security teams must suggest aggressive measures to protect your data – even if their recommendations make people upset. Then, they must effectively manage conflict.

As Parisa Tabriz, Director of Engineering at Google said in her keynote, “If you’re not upsetting anyone, you’re not upsetting the status quo.”

2. Your current security strategy may no longer be valid

Some companies are overwhelmed by the difficulty of discerning what constitutes a genuine security threat, so they fail to protect all of their devices against critical vulnerabilities.

But if you ignore the latest security threats, you’ll end up with massive problems down the road.

Not addressing potential threats is like refusing to floss. You may think that brushing your teeth is good enough. Or you may know that you need to floss but don’t want to add a few minutes to your morning routine to do it. Then, the next time you go to the dentist, you learn that your cavities are so deep that you need a root canal.

You can avoid much pain in the future if you assess your current state and measure your risks. Then, you can create a plan that helps you minimize these risks.

For example, attending Black Hat allows you to learn about the latest exploits. Then, you can take what you learned back to your enterprise, assess your current environment, and determine if you have any areas that are vulnerable to these new threats.

3. The future of IT security is diverse

This year’s conference drew more than 17,000 attendees from 112 countries. Attendees included 233 young security researchers who received scholarships from Black Hat to attend. We also observed a larger percentage of women at the conference.

Black Hat USA 2018 featured events aimed at building an inclusive environment. For example, Women in Security and Privacy sponsored a mentoring and networking session. Black Hat also hosted Queercon, the largest social network of LGBTQ hackers from around the world.

We were glad to see a more diverse community that represents our IT security future.

Black Hat Gives a Glimpse into What’s to Come

Every year, Black Hat makes us aware of new threats and teaches us better ways to protect our data. However, many enterprises already place too many burdens on their internal IT teams. This may leave you short on the people and resources that you need to keep your security practices up-to-date.

Working with a partner can remove the burden from your internal team and allow you to secure your on-premises and cloud environments. The right partner can help you design a comprehensive security strategy, as well as monitor your systems 24/7 for potential threats.

Do You Need to Shore Up Your IT Security?

Download our free guide on how to block security breaches at the endpoint and prevent malware from impacting your network.

You can also contact us today to discover how we can help you make your IT environment secure.