Federal employees planning to attend Black Hat 2015 — the annual cybersecurity event bringing together hackers and industry — should be prepared to have their devices tested.
Targeting government employees' smart phones, laptops and tablets has become an unofficial pastime at the event, whether by hackers testing their skills against (supposedly) top-of-the-line encryption or hacktivists striking out against surveillance tactics and other alleged government overreach in the cyber domain.
More: Event agenda for feds
"While Black Hat does not condone or endorse any sort of malicious activity, all attendees — regardless of their profession, level of experience or knowledge — should take the necessary precautions to ensure their security while onsite at the show," event organizers said.
For feds excited to see the latest in cybersecurity but wary of the dangers, here are five tips to shore up your devices ahead of Black Hat 2015:
Practice Basic Hygiene
While Black Hat will be a hotbed of hackers using advanced techniques, starting with the basics is still worthwhile. Engin Kirda, co-founder and chief architect at Lastline Labs, reminded attendees to be wary of opening emails from unknown senders, ensure all devices are locked with passcodes or swiping patterns and encrypt hard drives in case your laptop is lost or stolen.
Update Your Apps
The biggest vulnerabilities on any device are the applications they run. Amit Ashbel, product marketing manager at Checkmarx, said attendees should make sure all their apps have been updated to the latest versions before arriving at Black Hat. He also suggested removing any apps that have been breached recently or have known security weaknesses.
Trust Your Connection
Tomer Weingarten, CEO and co-founder of SentinelOne, suggested avoiding public WiFi connections — or really any unknown wireless network. Instead, stick to a personal hotspot or other trusted connections. And make sure you turn off "auto-connect" on network settings.
Ashbel added that security-conscious attendees might want to consider shutting off their WiFi completely while at the conference.
Avoid Removable Media
Weingarten said attendees should also avoid plugging in any type of removable media — USB drives, CDs, etc. — being given away at the event. These media might contain malware that could infect the user's device, leading to all kinds of issues.
Event organizers agreed. "If presented with a USB drive/key/thumb drive, do not plug it into your laptop unless you are absolutely sure you can trust its contents."
Dress to Blend In
Kirda suggested dressing down for the event to "avoid becoming a casualty of 'spot the fed.'"
"Consider dressing more like the crowd to blend in," he said. "Don't wear suits, ties or dress jackets. Dress casual and comfortably."
He also suggested leaving your agency name off the identity badge or keeping it tucked into a shirt pocket to remain incognito whenever possible.
For more, check out the Department of Homeland Security's Cybersecurity Tips page, which offer some best practices to avoid becoming a victim.