Summer camp for hackers

Labeled as the summer camp for hackers, a week-long set of security conferences including BSides LV, Black Hat USA and DEF CON were held in August. A mix of hackers, researchers, enthusiasts, and security experts descended on Las Vegas to immerse themselves in the world of cybersecurity.

While the attendance numbers of 2022 are projected to be lower than previous years due to the ongoing pandemic, thousands of attendees filled the city.

While some individuals enjoy the socialization aspect of a week-long trip to Las Vegas, many attendees go to gain education and learn different perspectives about the hardware and software technologies we use on a daily basis and the potential vulnerabilities found within.

One hack presented this year that could have significant interest to many Iowans was demonstrated by a hacker named Sick Codes.

An Australian who lives in Asia, he showed how he hacked into a Deere and Co. and gave himself access to change the manufacturer's software code. Sick Codes was able to obtain administrative access over the system and make code changes that had previously been locked by Deere.

While the attack performed by Sick Codes requires physical access to the device, it opens the door for a lot of questions about the right to repair and the obligations of manufacturers to develop secure systems and the implications when they are not secure.

In addition to talks, DEF CON and other security conferences hold many "villages," in which people can congregate and test specific sets of skills or hang out in specific areas of interest.

Car hacking, aerospace, ham radio, lock picking, passwords, social engineering and voting machines are just a few of the villages.

For those who did not want to make the trip to Las Vegas in the middle of summer, there are many cybersecurity conferences around Iowa that have quality content and attendance throughout the year that many should consider.

The Secure Iowa Conference is entering its 10th annual event on Sept. 21 in Altoona. The event keynote speaker, Scott Augenbaum, is a former FBI agent who has a wealth of knowledge and experience working on cyber crimes.

There also will be a multitude of talks and valuable information around IT risk management, compliance and privacy. The daylong event looks to be jam packed with a lot of quality information.

A multiple day conference in Davenport, CornCon, will be held Sept. 30 through Oct. 1. In addition to speakers throughout both days, CornCon will feature a high school cybersecurity event on Friday and a Kids' Hacker Camp on Saturday.

Lockpicking, virtual reality, capture the flag events and much more will be offered during the conference.

This conference is a great way to introduce young individuals to cybersecurity and offers excellent content.

The Easter Iowa Security Conference, BSides Iowa and Kernelcon conferences are a few other springtime events to keep your eye on for 2023.

Attending cybersecurity conferences offer a great way to listen to speakers talk in great detail about how they successfully hacked into various hardware and software components.

It puts into perspective the lengths a person will go to understand flaws and vulnerabilities in systems that can be exploited or break a system.

Paul Nus is the director of technology at Folience, The Gazette’s parent company, and a board member of SecMidwest, a Cedar Rapids-based not-for-profit focused on cybersecurity education; SecMidwest.org.