Homeland official asks Black Hat crowd to build trust

August 6, 2015 byBree Fowler
Homeland official asks Black Hat crowd to build trust
Deputy Secretary of Homeland Security Alejandro Mayorkas speaks at the Black Hat conference Thursday, Aug. 6, 2015, in Las Vegas. The annual computer security conference draws thousands of hackers and security professionals to Las Vegas. (AP Photo/John Locher)

A top Obama administration official says the government and the data security community need to focus on building trust so information about cyber threats can be shared between them for the greater good.

Alejandro Mayorkas, deputy secretary of the Department of Homeland Security, says he recognizes that a trust deficit exists between the government and those who deal with data security, but says that needs to change.

"The best way to address the trust deficit is to build trust," Mayorkas said during his address Thursday at the final day of the annual Black Hat hacker conference in Las Vegas. "That's probably not an overnight process. It's probably an incremental process, but let's take the steps we need to."

But several people in the crowd of hackers and information security professionals expressed concern that any information about cyber threats shared with the government could be used against them.

The federal government also has come under fire in recent months for its own failures in cybersecurity.

Last month, Katherine Archuleta, director of the federal Office of Personnel Management, resigned in the wake of a government data breach that is believed to be the biggest in U.S. history.

Hackers downloaded Social Security numbers, health histories or other highly sensitive data from OPM's databases, affecting more than five times the 4.2 million people the government first disclosed this year. Since then, the administration acknowledged a second, related breach of systems housing private data that individuals submit during background investigations to obtain security clearances.

Homeland official asks Black Hat crowd to build trust
The shadow of an attendee is cast on a screen during the Black Hat conference Thursday, Aug. 6, 2015, in Las Vegas. The annual computer security conference draws thousands of hackers and security professionals to Las Vegas. (AP Photo/John Locher)

Among the data the hackers stole: criminal, financial, health, employment and residency histories, as well as information about families and acquaintances. The second, larger attack affected more than 19 million people who applied for clearances, as well as nearly 2 million of their spouses, housemates and others.

Mayorkas acknowledged that the cybersecurity of some government agencies is more advanced than others, but added that the White House has recently taken drastic steps to heighten overall governmental cybersecurity. Meanwhile, it's also involved in ongoing efforts to invest in research and development in the area.

Later on Thursday, hackers Runa Sandvik and Michael Auger spoke about how they managed to hack a Wi-Fi-enabled rifle. While they could not fire the rifle remotely, they were able to change its target by taking control of its scope.

"At the end of the day, it's just an armed computer running on Linux," Auger said at a press conference ahead of the presentation.

Homeland official asks Black Hat crowd to build trust
Deputy Secretary of Homeland Security Alejandro Mayorkas speaks at the Black Hat conference Thursday, Aug. 6, 2015, in Las Vegas. The annual computer security conference draws thousands of hackers and security professionals to Las Vegas. (AP Photo/John Locher)

Auger said he thinks the odds of someone hacking and taking control of that specific rifle, of which only about 1,000 are on the market, are very remote.

It took the husband and wife team about a year working on and off to successfully hack the rifle's scope. And Auger added that very few people who own the rifle actually use it's Wi-Fi capabilities, which would need to already be turned on in order for the rifle to be hacked.

Additional panels detailed how bug bounties work, data security dangers for cities and the pros and cons of biometric identifiers.

Explore further: US: More than 21 million affected by government data breach (Update)

Related Stories

Chinese hackers got US security files: report

June 13, 2015

A data breach of millions of US government employees allowed Chinese hackers to access sensitive information including security clearances of the workers and contractors, the Washington Post said.

Top US official quits after massive government hack

July 10, 2015

The director of the US Office of Personnel Management resigned Friday after a devastating hack of government databases that saw the personal information of millions of federal workers and contractors stolen.

Union says all federal workers fell victim to hackers

June 11, 2015

A major union says the cyber theft of employee information is more damaging than it first appeared, asserting that hackers stole personnel data and Social Security numbers for 4 million current and former federal workers ...

Recommended for you

EPA adviser is promoting harmful ideas, scientists say

March 22, 2019

The Trump administration's reliance on industry-funded environmental specialists is again coming under fire, this time by researchers who say that Louis Anthony "Tony" Cox Jr., who leads a key Environmental Protection Agency ...

Coffee-based colloids for direct solar absorption

March 22, 2019

Solar energy is one of the most promising resources to help reduce fossil fuel consumption and mitigate greenhouse gas emissions to power a sustainable future. Devices presently in use to convert solar energy into thermal ...

2 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

Shootist
5 / 5 (1) Aug 06, 2015
"Homeland" and the Federal Government are, if not the pinnacle cyber security threat, certainly one of the top . . . . no, the Federal Government is the apex predator of cyber security.
DeliriousNeuron
5 / 5 (1) Aug 06, 2015
A bit too late to gain ANYONE'S trust!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.