Over three days, speakers, workshops, experts and hackers from around the world talked about the hottest topics in cybersecurity and hacking at the 2022 edition of ekopartyone of the largest conventions in Latin America, which ended this Friday at Buenos Aires Convention Center.
After cyber espionage marked the debut of the convention and the security of virtual wallets was the protagonist of the second day, the last day was marked by a case of witnessing the so-called “ethical hacking”.
In a conference call “To hell and back”, a cybersecurity expert recounted his torturous experience by reporting a vulnerability he found. This is the case of the Uruguayan Alberto Daniel Hill, who in 2014 encountered a security problem on the website of a health care provider, report it and became the first person imprisoned in Uruguay for a cybercrime.
Furthermore, he claimed that he was accused by the media of demanding bitcoin in exchange for not disclosing personal data. Over time, his case has gained notoriety around the world. “I started being contacted by people from different countries who had experienced the same thing. In Uruguay there is no legislation and this is a problem: the whole question of cryptocurrencies, NFT and more, he does not have a painting that contemplates cases like mine”He told Clarin.
“The Interpol people told me they had complaints of people being scammed with cryptocurrency cases linked to companies like Mercado Libre and they asked me for help: that is, whoever put me in jail ended up asking me for a hand“, He added.
In this sense there was a workshop called “A little far from going to Cana”Where he spoke and advised on how to report security holes in order not to have legal problems.
In most cases, the authorities interpret that the whistleblower is a criminal, when in fact the purpose of “ethical hacking” (or “white hat”As they say) tries to expose problems so they can be solved and not exploited by cybercriminals.
“What we are looking for is that people who work in security get rid of the culture of fear: unfortunately, through the persecutions that they want to establish, experts stop collaborating because they can be persecuted”, explained Marcelo Temperini, lawyer specialized in cybercrime and director of the proposal.
“A criminal tries to obtain an advantage for himself or for a third party: a hacker is another thing, he is an investigator, someone who wants to help solve a problem“, He adds.
Ekoparty 2022, XL
The event had nearly 10,000 entrants, many of whom were beginners. “We said it was a new Ekoparty for many reasons: we were 10 years at Konex, where it was a more intimate venue, and we went to the Buenos Aires Convention Center. Here there is a lot more capacity of people and it responds to a generational change: half of the people who attended the event were new ”, says Clarín Leonardo Pigñer, CEO of the convention.
“This means there will be more and more hackers and cybersecurity specialists. During the pandemic many boys and girls came together and at Ekoparty they meet for the first time: this is the point of the conference, it was born 20 years ago to bring people together “, he adds, noting that in Argentina there is” a talented hacker “.
One of Ekoparty’s strengths this year was an investigation presented on the second day in which two cybersecurity researchers exposed a number of vulnerabilities in electronic payment means.
According to Dan Borgogno and Ileana Barrionuevo in their speech “Turning my phone into a scam device”, the payment terminals (MPos) that use applications such as Mercado Pago, Getnet, Ualá Bis and Naranja Xamong others, it can be abused by computer savvy scammers.
The other outstanding speech on the second day was that of Robert Lipovsky, threat intelligence expert at ESET in Slovakia, who talked about the situation of the cyber war between Russia and Ukraine.
In addition, during the three days a hacker “toy train” did what is known as “wardriving”: it went to detect unsecured WiFi networks around the city of Buenos Aires to raise awareness of the dangers of connecting to unknown networks.
The event was also attended by cybersecurity companies, such as Fortinet, Okta, Faraday, among others. It’s also a very popular event for CISOs, the hottest position in companies today: cybersecurity managers.
“The CISO is the IT security manager of a company, who is responsible for designing a company’s protection and resilience strategies. Originally in Ekoparty there was the hacker community and, currently, there is also the cybersecurity community. And, within this community, the CISOs must be part and from Banco Galicia, we understand that we must accompany the whole community, ”Pedro Adamovic, CISO of the entity, told Clarín.
The 2022 edition of Ekoparty closed with about 10 thousand participants.
Source: Clarin
