Security Experts:

Connect with us

Hi, what are you looking for?



Uneasy Detente Between Def Con Hackers, ‘Feds’

There was some bridge-building, but a real rift remained on Saturday between US spy agencies and the world’s most infamous hacker gathering.

There was some bridge-building, but a real rift remained on Saturday between US spy agencies and the world’s most infamous hacker gathering.

Scandalous revelations about sweeping online snooping by intelligence agents caused fury in the Def Con hacker community two years ago. That led founder Jeff Moss to call for a “cooling off period” during which “feds” avoided coming near the annual conference in Las Vegas.

The chill has given way to uneasy detente in which the door could be open to US spy or law enforcement agencies to take part in panels or presentations, if they are ready to be honest about what is going on and face hostile questioning by wary hackers.

“They could come back and explain themselves, but nobody has had the guts to do that yet,” Moss told AFP.

“I would say that we are in a ‘trust, but verify’ stage. If it is a national security thing, they need to have a real good story and be ready for hard questions.”

Deputy Secretary of Homeland Security Alejandro Mayorkas braved Def Con on Friday to give a presentation centered on the need to work together to fight cyber threats – a theme hit often by government agencies welcomed here prior to cyber spying scandals triggered by one-time intelligence contractor Edward Snowden and former US Army soldier Bradley Manning.

Whiskey and back doors

Mayorkas accepted the traditional shot of whiskey given to first-time Def Con speakers, but sidestepped a hacker’s request that he take a stand against building “back doors” for intelligence agencies to slip into encryption used to scramble email or other data traversing the Internet.

“I can not say ‘yes’ and I can not say ‘no’,” Mayorkas said, noting that it was the only time during his talk that the audience applauded. “I know what the problem is, and I don’t know what the solution is.”

The problem, he maintained, was tapping into digital communications that could expose threats by terrorists or others.

Moss said Mayorkas made the Def Con stage because DHS hasn’t been implicated in leaks about online spying. He noted that at last year’s Def Con, the Federal Trade Commission gave a presentation about zapping annoying ‘robo-calls’ and there was no drama.

The DHS also runs the Computer Emergency Readiness Team (CERT) that alerts companies to cyber threats.

The US Department of Defense research agency DARPA, which was involved in the creation of the Internet, is at Def Con to talk about a Cyber Grand Challenge that will pit computers against one another in a hacker version of the game Capture the Flag.

The final round of the Challenge will take place next year at Def Con, which has long had teams of human hackers playing the game, and boasts nearly $4 million in prize money.

Booting spies

“If the FBI or the NSA or the CIA wanted to try to give a speech, I think there would be some problems,” Moss said.

“If other agencies want to come and try to repair relations, I counsel them to really think through how they are going to repair trust.”

Moss had little doubt that members of intelligence groups from a variety of countries were at Def Con for either work or personal reasons, paying the $230 cash entry fee and walking in no questions asked.

“They are still here; you can see them,” Moss said.

“For a while, it was growing to be kind of cool to have them in the community, but they were never really open about what was going on.”

He said Def Con volunteers working as “goons” at the conference have booted out agents of foreign intelligence groups secretly recording goings on at the gathering.

“They have backpacks with small holes cut in them and they walk around recording everything,” Moss said.

“If we find them, we kick them out.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...