Secretive group seeks recruits at Defcon, finds skepticism
Project Vigilant has been dismissed by some in the security community
IDG News Service - A secretive volunteer group that tries to track terrorists and criminals on the Internet went to the Defcon hacker conference this past week in hopes of recruiting information security experts, but it will first have to overcome some skepticism.
That's because most information security professionals have never heard of the group, called Project Vigilant. The group's director, Chet Uber, came forward Sunday at a press conference run by Defcon organizers to try to recruit volunteers from among the show's attendees.
"We need more people," Uber said. "By increasing the numbers, we increase the likelihood that we will get the work done."
Run by former military, law enforcement and intelligence volunteers, Project Vigilant is able to monitor more than 250,000 IP (Internet protocol) addresses each day and create profiles for bad actors, their online identities and even the IP addresses they use.
The group has access to data provided by 12 regional Internet service providers and also gathers intelligence from its growing network of volunteers, Uber said.
It is sponsored by a Fort Pierce, Florida, company called BBHC Global and receives funding from U.S. government research projects. It can often react more quickly than federal agencies to emerging threats, and feeds the data it collects back to the government, he said. The group was founded in 1996 and is comprised of more than 600 volunteers.
To date, Project Vigilant has recruited members by word of mouth, and Uber has kept off most information security lists.
That raised question marks for some. "If you've been around for 14 years and you say your whole goal is to safeguard the U.S. against cyberthreats ... why hasn't he participated in any security communities?" said Andre DiMino, a co-founder of the Shadowserver Foundation, which tracks online threats such as the Conficker worm.
Jart Armin, the pseudonymous researcher behind the Host Exploit cybercrime research website, was dismissive of the project. "A group that does not provide any public record or reports of its activities, while stressing how it does good, would appear as a PR stunt," he said via instant message.
That kind of skepticism isn't surprising, given that the group has kept such a low profile for so long, said Kevin Manson, a former prosecutor and instructor with the Federal Law Enforcement Training Center who has worked with Project Vigilant.
"Their work has been going on for at least a decade, and some of the people who are working on this, quite frankly, don't want to have their names in the media," Manson said.
"It's probably one of the most interesting projects I've personally been involved with in the past 10 years," he added.
On Sunday, Uber said he was the first person to call the federal government about the sensitive cache of documents allegedly leaked by U.S. Army Intelligence Analyst Bradley Manning, and which was ultimately published on Wikileaks. Manning leaked the documents to Adrian Lamo, who does "adversary characterization" for the group, Uber said.
According to Uber, Project Vigilant also played a role in Iran's Green Uprising last year, operating five Internet proxy servers that helped dissidents circumvent government spying and move information out of Iran and into the hands of dissident groups.
The project obtained election results from many polling stations within Iran and was able to analyze them for fraud, he said. They found, for example, that in some villages where voting was expected to be split 50-50, the votes were going 100 percent for Iran's President, Mahmoud Ahmadinejad.
With Project Vigilant's focus on national security, it's not surprising if the group has had little contact with white-hat hackers and researchers such as DiMino and Armin, said Steve Santorelli, director of global outreach with Team Cymru, a not-for-profit security research firm.
"It doesn't make them irrelevant or bogus or charlatans," he said. "It just means that the world that they inhabit hasn't intersected with the security community."
Santorelli said he too had not heard of the group before Sunday.
Manson had this piece of advice for skeptics: "I would invite them to submit their résumés and see if they can be helpful to us on our mission."
Black Hat/Defcon 2010
- Secretive group seeks recruits at Defcon, finds skepticism
- Hacker snoops on GSM cell phones in demo
- Free Android apps scrape personal data, send it to China
- U.S. should seek world cooperation on cyber conflict, says ex-CIA director
- 'Unhackable' Android can be hacked, Black Hat researchers say
- Update: ATM hack gives cash on demand
- BitBlaze tool boosts bug-hunting productivity 10-fold
- Apple patches Safari ahead of Black Hat talk, launches add-on gallery
- Black Hat: Most browsers can be made to give up personal data
- AT&T: We don't intend to stop Black Hat demo
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!