INVITATION TO CYBERSECURITY 64 carding), and was the subject of the book Kingpin by Kevin Poulsen—the same Kevin Poulsen of phone phreaking fame (see Figure 3.9). Tsutomu Shimomura was an early white hat hacker who became the nemesis of Kevin Mitnick after Mitnick hacked into his computer. Mitnick was on the lam from the FBI for several months trying to avoid capture, always managing to stay one step ahead of law enforcement as he moved from city to city, changing his identity multiple times. Eventually, the FBI hired Shimomura as a consultant, and he helped them locate Mitnick in a matter of days, proving the adage, “it takes a hacker to catch a hacker.” 3.2.6 Traditions There are two large hacker conferences every summer in Las Vegas that draw thousands of hackers. Black Hat is held one week and is focused on industry and vendors, and it is followed the next week by DEF CON which focuses more on hackers. The conference badges at DEF CON are an important part of the conference culture and sometimes contain electronic components with built-in hacking challenges (see Figure 3.10). DEF CON also features a popular scavenger hunt with hacker-themed clues and challenges. Figure 3.10 An electronic DEF CON conference badge. DEF CON holds a famous capture-the-flag (CTF) contest that draws elite hackers from all over the world. CTFs provide a legal way for hackers to hack and compete with one another, and are an important part of hacking culture. There are two main types of CTFs: Jeopardy-style and attack and defend. In a Jeopardy-style CTF, organizers set up a sandboxed cyber infrastructure with embedded flags (usually text strings) and also pose challenges in different categories worth various point values that the competitors can select among to try and solve (like in the Jeopardy game show). Competitors earn points by finding flags and solving challenges. In an attack and defend CTF, the competitors are
RkJQdWJsaXNoZXIy MTM4ODY=