DefCon is one of the world’s largest hacker conventions — held annually in Las Vegas, Nevada — with the first conference taking place all the way back in June 1993.
Now in its 25th year, the DefCon draws as many as 25,000 people with the skills to hack into computers, smartphones and other internet-connected devices. The show, which began on Thursday and runs through Sunday, July 27–30, 2017, is being held for the first time at Caesars Palace to house a bigger crowd.
Kwame Joyner, a barman on the Las Vegas Strip, knows to turn off his WiFi this week and learned to be careful surfing the internet on public WiFi hotspots.
Like many others on the Las Vegas Strip, Joyner knows plenty of hackers and cyber-security specialists are in the city. Those hackers and alike may want to test their skills hacking onto the local networks.
“It is amazing to me that we have enough of a reputation now that people here know to turn things off,” said Brad. Brad, like many information technology gurus attending the DefCon conference in Las Vegas, declined to provide his last name for safety and security reasons.
DefCon comes on the heels of Black Hat, a conference and trade show for the cybersecurity professionals that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. The six-day Black Hat show, which pulled more than 15,000 people, ended on Thursday at Mandalay Bay.
While the conferences are a lucrative business for both Mandalay Bay and Caesars, filling up hotel rooms and restaurants during what is traditionally a slow period for the convention and meeting industry, they do require extra security precautions.
“All of Vegas prepares. There are memos that go out to the IT teams to let them know who is in town,” said Melanie Ensign, a spokeswoman for 2017 DefCon. “We have seen more outreach to smaller businesses to be aware.”
“We do take steps to monitor our systems during this prestigious gathering. As the host venue, we can be a tempting target for some mischief,” said Gordon Absher, a spokesman for MGM Resorts International, the parent company of Mandalay Bay. “We use this as an opportunity to remind our employees of the importance of protecting our computers and systems from unauthorized use.”
“Just as we do year-round, we ask our employees to follow our ‘see something, say something’ protocol and alert security and their managers of any suspicious activity,” according to Jennifer Forkish, vice president of corporate communications for Caesars Entertainment Corp.
Employees at both Mandalay Bay and Caesars said they were warned by the managers to be cautious when using their smartphones at work to surf the internet. The UPS center at Caesars Palace notified customers that they will only accept email attachments and no USB flash drive or email link will be accepted.
All Black Hat and DefCon attendees interviewed during the event said that they were taking extra precautions to keep their personal information safe and secured. While some said they are putting their devices into airplane mode while at the conferences and using only virtual private networks to access the worldwide web. Yet others are using so-called burner phones — a cheap, disposable, and prepaid handset device — that they will discard once the conference is over.
Other attendees in the conferences said they preferred to stay at hotels not hosting the events. Many, especially those attending DefCon, were concerned regarding using their credit cards and withdrawing money from ATMs at the convention centers.
Hewlett Packard (HP), an exhibitor at Black Hat trade show, gave away free holders that prevent people from reading the data on your credit cards.
“The big thing for me is cash only. You don’t want to swipe a card,” said Glenn who is attending DefCon for the first time. Glenn added that he is putting his mobile phone into airplane mode while at the conference.
There is no online registration requiring attendees to provide their names, addresses, contact number, email and work places. Attendees pay $260 in cash at the entrance and receive a generic badge. Credit cards are not accepted, because they are a form of identity.
Member of the press and media are not allowed to capture photos and videos in the hallways and are required to ask anyone for permission to photograph them. Some attendees are from government agencies like the FBI, CIA and National Security Agency and want to remain anonymous.