For the third year in a row, Palo Alto Networks will collaborate with other top security vendors and experts who help run the Black Hat Network Operations Center (NOC). We help provide stability, visibility and security in the NOC.
If you’re heading to Las Vegas this week for Black Hat, BSides or DEF CON, you should prepare yourself for connecting to some of the world’s most hostile networks. Our consulting engineers and systems engineers have compiled the following survival tips based on our experience working in the Black Hat NOC:
1. Update all systems and apply all patches before you arrive: Make sure your equipment is protected by updates for all known vulnerabilities. The largest amount of data consumption at every Black Hat conference is generated by systems retrieving updates, with Microsoft and Apple splitting that traffic almost 50/50.
2. Run a personal firewall: Make sure to enable firewalls that come with your operating system. This will help keep the undesirables from having their way with your system once connected to the network.
3. Use a VPN: Use a virtual private network to encrypt all communications back to a trusted network where it can be decrypted. This prevents eavesdroppers, the NOC and Internet Service Providers from snooping on you. Ensure all authentication (email, web, etc.) is done using SSL or HTTPS . When logging in to any service, make sure you use HTTPS or SSL. Make sure that there are no certificate errors or warnings associated with the connection. There is an alarming amount of unencrypted authentication traffic at every Black Hat event.
4. Scan your system for malware: Scan your system multiple times while you’re at the conference. We see it at every show – someone connects their system to the network and immediately starts beaconing to malicious domains and/or immediately a network scan kicks off without the user’s consent or knowledge
5. Be mindful of what you are surfing: This is not the time to check your bank balance. Think twice before connecting to any private content during the show – especially if you’re not using a VPN.
6. Lock your system when you step away: How would you like to have an email sent from your device without your knowledge? This can easily be avoided by just making sure that you lock your system every time you walk away from it. Make sure it has an auto-lock enabled in the event that you forget – you can at least minimize the window of opportunity for an attacker. Also never leave your phone unattended.
7. Use privacy filters on all screens: Why hack your system when an attacker can just read everything you type by looking over your shoulder? Privacy filters won’t prevent this entirely, but they do help.
8. Self-Awareness and Social Engineering: Don’t get conned at the ‘con. ‘! Things like conference badges, hotel key cards and even credit cards hold a decent amount of personal information via radio frequency identification (RFID) tags. These can be sniffed, read and cloned in passing (talk about a drive-by!). It’s not a bad idea to have a RFID blocker sleeve or wallet. Better yet, stay analog and only carry cash. Be mindful of your surroundings and people not respecting your personal bubble.
While these precautions are necessary when stepping into hostile territory, they are also great tips to use every day. You never know when the person sipping a cappuccino next to you in a coffee shop is actually a hacker.
Stay safe out there!