Feature Story

Rebels with a cause: Hacking for good

Cisco and Duo Security sponsor a Black Hat panel about what motivates some of the top security experts.

Cisco and Duo Security sponsor a Black Hat panel about what motivates some of the top security experts.

This is a guest post by Sean Michael Kerner


In an invite-only session at the Black Hat USA 2019 conference sponsored by Cisco and Duo Security  Joseph Menn, author of the new bestseller "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World, talked to a panel of hackers on how they first got involved and why hacking can be a good thing.


Luke Benfey, Head of Operations and Information Security at Cloud.IQ Ltd (aka Deth Veggie -- cDc Minister of Propaganda) explained that for him, hacker culture was about exploration without actually breaking anything. He said that once you actually destroy something, you stop being a hacker and start being a criminal.

See also: Safeguarding students and staff at scale

For Katie Moussouris, Founder and CEO, Luta Security, the mission of being a hacker was about helping IT teams become better educated about secure development.

"Developers were not writing new code as much as they were writing new bugs," she remarked.

Providing a moral compass within an IT organization is how Adam O’Donnell, Principal Engineer, Cisco Advanced Threat Group sees his mission as a hacker. While not providing too many specifics of things he did while part of the Cult of the Dead Cow, he emphasized that he is proud of very single thing he did. O'Donnell said that security technology can often have a dual use. It can be used to protect and if misused it can be used to oppress people as well. His mission as a hacker has always been about aligning his own moral compass about how technology is used. O'Donnell commented that of course there is a need to build technology to keep things secure, but there are multiple factors to consider about how the technology can and will be used.


The motivation for Dug Song, VP and GM, Duo Security, now part of Cisco, was a bit different than some of the other panelists. Song said that at a certain point in his career he became discouraged about security.


"Security is kind of like a used car and you can't tell if the products are effective until it's too late, " Song said.

 

See also: Dug Song interview at RSA


After a brief hiatus away from security Song said he came back because no one else was really solving many real security problems and he saw a need to help improve the space.


The hacker mission for Heather Adkins, Senior Director of Information Security, Google is to help keep people safe. Adkins said that Google's focus continues to be organizing the world's information and making it accessible.  Based on that, she simply cannot let malicious attackers hack Google. She also however echoed the views of other panelists about the moral compass that hackers have.

"We have to think about each step to make sure we're using it for the right thing," she said.


At the end of the panel, Menn was asked about his views on why hacking culture is important and what value it can bring to society.


"Hacking and critical thinking is a super valuable thing for society at all levels," Menn said. "People need to know that just because they take an outsider route, does not mean that there isn't an important place for them"

 

                                                                             ###

The contents or opinions in this feature are independent and may not necessarily represent the views of Cisco. They are offered in an effort to encourage continuing conversations on a broad range of innovative technology subjects. We welcome your comments and engagement.

We welcome the re-use, republication, and distribution of "The Network" content. Please credit us with the following information: Used with the permission of http://thenetwork.cisco.com/.