By Lana Sweeten-Shults
GCU News Bureau
Grand Canyon University senior IT major Tyler Ostapuk came to this realization: What happens in Vegas doesn't always stay in Vegas. Sometimes it gets hacked, as the Voting Machine Hacking Village demonstrated last weekend at Defcon.
It was at Defcon, the hacker event of the summer, that Ostapuk joined others in doing what event organizers challenged them to do: break into America’s voting machines.
Defcon launched its Voting Machine Hacking Village in 2017 so cybersecurity aficionados could find vulnerabilities on often outdated machines used in current elections (many of them likely will be used in the 2020 presidential election). Hackers exposed those vulnerabilities within minutes.
“You can literally modify votes with a keyboard,” said Ostapuk, who said the Voting Machine Hacking Village was his favorite area of the Defcon convention, which wrapped up on Sunday in Las Vegas.
The GCU student, whose IT emphasis is in cybersecurity, was just one of 52 Lopes who made their way to Vegas for, not just Defcon, but for Black Hat, the world’s largest IT event. The back-to-back IT security and hacker gatherings -- together they're dubbed "hacker summer camp" -- attracted tens of thousands of cyber professionals and enthusiasts.
GCU’s presence at Black Hat, a corporate-type, IT networking conference, and Defcon, designed as more of a fun hangout for hackers, is a big deal for the University.
“It took about three years to get GCU on the list for our students to be included,” said Deborah Haralson, IT program and IT-cybersecurity program lead for the College of Science, Engineering and Technology. She had known for a while about Black Hat’s conference associate program for university students and wanted GCU to be part of it. “Black Hat is the most anticipated cybersecurity conference in the world, and rightly so. It is truly an international event. Five years ago, there was only one university whose students were accepted as conference associates. Today, GCU is one of three.”
This is the second consecutive year GCU students were chosen as Black Hat conference associates.
“As a whole, there are around 700 applicants … and even people from GCU who did apply did not make the cut,” said Crystal Wake, the first female president of GCU’s IxT (the Information x Technology Club, formerly known as the Innovative Computing Club). Organizers look for students who are leaders in IT on their campuses, she added.
Conference associates worked eight- to 10-hour days, making sure the event ran smoothly.
“There are a lot of rock stars in the IT world, some of the top leaders in the IT industry” who are at Black Hat, said Wake, who had the chance to meet some movers and shakers in the field. “We get to see the latest and greatest in IT.”
Ostapuk said what he loved about Black Hat was “being around the (IT and cyber) community and seeing what these people do and how they live.”
He got to pick the team he would assist during the conference and had the chance to “make friends with these guys who have been in the industry for years.” It was one of those unique networking opportunities, he said.
Ostapuk got to speak with a professional involved in malware reversal engineering, something he’s now thinking he might like to do.
One of the benefits of working at Black Hat, besides meeting leaders in the field, is that conference associates also get passes to attend Defcon.
GCU senior Tyler Kowalski-Foley, who is studying IT with a cybersecurity emphasis, said his favorite part of his 11 or so days in Vegas for both events was the Packet Hacking Village workshops at Defcon.
He participated in the Wall of Sheep, an interactive demonstration of what can happen when network users let their guard down. Participants observe the traffic on a network and look for evidence of users logging into email, web sites and other network services without the protection of encryption. People (lovingly called "sheeple") whose information hackers are able to access are placed on the Wall of Sheep. It's a public service to remind users that malicious people could do the same thing, and users also are educated on what tools they can use to prevent information leaks.
“They gave us an Ethernet cord and allowed us to work on an app called Wireshark – it’s the same app we use at GCU for some of our classes,” Kowalski-Foley said. “It allows us to listen to any network traffic; I could see anyone’s data. … I could see passwords, usernames.”
Kowalski-Foley said at Packet Hacking Village, hackers gained access to 10 accounts -- he contributed seven himself.
Many of the activities at Defcon helped hackers become familiar with techniques that cyber criminals might use so that the cyber good guys -- GCU uses the term "Hackers with Halos" -- can combat those techniques.
Haralson said attending Black Hat and Defcon over the past two years has been “an incredible opportunity” for students. At those events, they can see what’s in store for them in the future as IT professionals. They can meet their IT heroes, network and bring all that knowledge back to GCU.
“The learning opportunities are HUGE,” she said, adding how students at Black Hat are “serving alongside the people who will employ them.”
And then there’s Defcon, which is more about the hacking culture and just having fun.
GCU’s students will return to campus for the fall semester with a leg up on all that’s happening in the IT and cybersecurity world.
Wake said she was fortunate to have attended the conferences last year and is “very happy to introduce a new season of people” to the events.
She added, “It’s really just, have a good time and learn a lot from people in the industry.”
GCU Today: GCU, tech students showcase their ingenuity