According to Imperva, web attacks originating from Las Vegas increased 130x during conferences Black Hat and Def Con.
Where there would typically be 20 attacks originating from Las Vegas per day, during the conferences that number peaked at 2,612. The start of Defcon – which is also the final day of Black Hat – saw the number of attacks hit 1,916 on Aug. 7. On the final day of DefCon the number of detected attacks fell to 7.
Imperva also tracked level of traffic during the NAACP conference in July which also saw an increase in traffic to day prior to 2,057 attacks. Barry Shteiman, director of security strategy at Imperva, explained “we collected all of the security events during that time period from our Community Defense system, mapped Geo IPs for Nevada state, and Las Vegas specifically, then we queried the Community Defense data set for all source IPs that were in the US. Finally, we summarized by date and where the city itself is Las Vegas.”
In an email to IT Security Guru, he added “While there is no way to say that the attacks were generated from the attendees at Black Hat/DefCon specifically, the spike of 130x is unique. Not only that the crowd is unique.
“In a normal large event (like NAACP) you see some climb which is mostly due to infected computers that the attendees bring with them, however… Black Hat/DefCon participants are unique; they are security experts and hackers that are much less susceptible to clicking on malware links, or opening an unknown attachment. For that reason it is likely that the attacks came from the unique crowd at the event in my opinion.”