IDG News Service - Four South Korean journalists were booted from the Defcon hacking conference this week after conference organizers decided their story didn't quite add up.
Conference representatives released few details of the incident. They said Sunday that they'd ejected the journalists two days earlier after deciding that they simply weren't acting like press. They believe that one member of the group was a legitimate journalist, but that the other three were on some sort of intelligence-gathering expedition.
Hackers who the group interviewed at the show said that their questions seemed inappropriate, organizers said. The journalists attended one day of Defcon's Black Hat sister conference before being ejected on Friday.
Defcon did not release the names of the journalists or say who they claimed to work for.
This kind of incident happens nearly every year, said one of the show's senior organizers who goes by the name "Priest."
In the past, they say they've caught members of Mossad, the French Foreign Legion, and other organizations posing as press. By registering as journalists, they can get more time to query researchers and raise no suspicions by asking probing questions.
"When you think about it, being a member of the press is a pretty good cover because you can ask difficult questions, people love to see their names in print and in lights, so they're much more likely to talk to you, so you can get away with a lot more," Priest said.
The French Legionnaires were easy to spot, he said. "There's a certain body type you find with people who are in that type of work," he said. "Broad shoulders, narrow waist, not very tall. I'm looking at these guys, going, 'You're in far, far too good shape to be press.'"
The Legionnaires eventually admitted that they were not press and were allowed to stay at the show as regular attendees. They even went on stage for Defcon's annual "spot the fed" contest where people are invited to pick out government employees from a group of attendees.
Government employees posing as press often move very quickly to technical questions, rarely showing any interest in the motivation behind the research. They get "very technical very quickly," Priest said. "They're much more interested in what the latest is and what the greatest is and how they can use it."
Often they also ask about U.S. government systems or seem to be gathering intelligence on the presenters, he added.
And often attendees are happy to provide the information, thinking that it may be used in an article, particularly young, inexperienced hackers, Priest said. "You've got usually a very introverted individual, who usually doesn't have a lot of friends, and if you have someone paying attention to you... you're flattered; you're ego's being stroked; you're much more likely to try to impress that person."
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5
- This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms
- In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86
- Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye
- Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe. All Government IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Government IT Webcasts