Large screens line one wall in a darkened room in a Las Vegas convention center. All the monitors except one show charts and graphs that track the activity of hackers down the hallway. The other screen shows the 1983 movie "War Games," featuring a youthful Matthew Broderick as an ace hacker.
Welcome to the NOC, or the network operations center, of Black Hat, an annual conference in Las Vegas where cybersecurity researchers gather to trade hacking secrets. The purpose of the conference, in theory, is to get better at stopping bad guys. But in practice, that means learning to think like a skilled hacker as new techniques are presented and taught.
Conference attendees often turn the new skills they've learned on the network here in the Mandalay Bay convention center, said Neil Wyler, better known at hacking conventions as Grifter.
Hackers gonna hack.
That's why the volunteers here in the NOC have such a tough job. They're cybersecurity professionals in their regular lives, and they have to apply all their skills just to keep the Wi-Fi flowing. Two stuffed animal mascots watch over them: Helga the sheep, and Lyle the gorilla. A makeshift room off to the right houses a sleeping area. Visitors can come in and watch it all from behind glass walls.
So what exactly are they up against this year? Mostly hijinx, said Wyler, who's been helping in the Black Hat NOC for 14 years.
The biggest incident targeting the NOC ended up being a practical joke.
"There was a large spike in traffic for about two and half minutes," Wyler said. The NOC team looked into it and found someone was sending a 1.3-gigabyte stream of plain text. Looking at the text, Wyler saw it said "I <3 Grifter" over and over again.
Wyler could see on the NOC computer system which area of the conference the message was coming from. He walked there and told them to knock it off.
After he returned to the NOC, he saw another stream of text. "Thanks for having a sense of humor," it said, over and over again.
But while hackers haven't struck the heart of the network here at Black Hat, they are sending some pretty nasty stuff over the wireless. Wyler said he's seen some bad malware flowing across the network targeting the computers of conference attendees. His response? He doesn't connect his own devices into the Wi-Fi at Black Hat.
The company providing Wi-Fi, Ruckus, was the subject of a report released at Black Hat on Wednesday. In an oddity that could only happen at a conference like Black Hat, the research found vulnerabilities in the Wi-Fi routers sold by the very company that was here providing the Wi-Fi.
Ruckus didn't respond to requests for comment on this story.
Still, Wyler said the vulnerabilities weren't a big deal from his perspective. "It's not something that doesn't happen at every company every day."
After my tour of the NOC, I went to the press room to write another story, ever more wary of what would happen while I was connected to the Wi-Fi. After a couple hours, Wyler wandered into the press room to chat with the conference staff there.
Seeing me, he said, "We patched that, by the way." The router problem is solved, for now.
Black Hat Defcon 2018
reading•Black Hat volunteers fight to keep hacking mayhem at bay
Aug 17•Black Hat and Defcon cybersecurity experts share tips on how to protect yourself
Aug 15•Defcon hacking challenge swings a sledgehammer at unlucky computers
Aug 14•I got beaten up at Black Hat in the name of cybersecurity
Aug 13•Teddy Ruxpin learns some new words after a quick hack