Identity at the Center Identity At The Center #6: Black Hat 2019
14 snips
Aug 9, 2019 At the Black Hat conference, a deep dive into the world of cybersecurity unfolds. Warshipping, a method of using mailed devices for network attacks, raises eyebrows. The talk shifts to military changes, like wearable identity tokens replacing CACs, enhancing security but presenting new risks. Deepfakes enter the conversation, revealing how AI creates convincing impersonations. Detection methods are discussed, emphasizing physical indicators and industry responses. Overall, attendees gain insights into future threats and innovative solutions.
AI Snips
Chapters
Transcript
Episode notes
Cybersecurity Is Now Front And Center
- Cybersecurity is no longer an afterthought at many organizations and gets board-level attention.
- Gaps remain across areas like identity and physical vs logical security that require continuous effort.
Warshipping: Mailroom Trojan Horse
- Jeff describes "warshipping": cheap cellular devices shipped to targets to bridge physical mailrooms into networks.
- The device finds Wi‑Fi, tunnels traffic over cellular, and lets remote attackers sniff and exploit network access.
Treat Unknown Devices As Network Risks
- Monitor and lock down unexpected wireless bridges and IoT APs because they can be exploited as network bridges.
- Inspect mailroom packages and treat unknown devices as potential network threats.