Experts Respond to Reports of Restrictions for Chinese Hackers Attending US-Based Security Conferences
A large majority of the IT security community seems to agree that preventing Chinese researchers from attending conferences in the United States is a bad idea.
On Saturday, a US official told Reuters that visa restrictions and other measures might be used to prevent Chinese hackers from attending events like Def Con and Black Hat. The measures would represent a method of maintaining pressure on China after the government accused five Chinese military officials of hacking into the systems of US organizations.
China has often been accused of launching cyberattacks against the United States. However, Beijing has always denied the allegations.
Jeff Moss, the founder of Black Hat and Def Con, noted on Twitter that such measures would not help build a positive community. Furthermore, he has highlighted the fact that Russian and Chinese nationals have a very hard time getting visas for Def Con and Black Hat as it is, so imposing restrictions would probably put an end to submissions from these countries.
In a statement sent to SecurityWeek, a Black Hat spokesperson revealed that so far they haven’t been contacted by any government agency.
“Black Hat strongly believesin engaging with and fostering collaboration among the international information security community,” the statement read. “With the constantly changing security landscape, it is imperative that we bring together the best minds in the industry from all over the world to help identify and mitigate today’s threats. In fact, our most recent event in Asia welcomed attendees from more than 41 countries around the world. We are proud of the global nature of our attendees, speakers, trainers and Review Board who make our events and community possible.”
“We have not been contacted by the State Department nor any other government agency at this time,” Black Hat added.
Martijn Grooten, the editor of Virus Bulletin, the certification and testing body that organizes theannual internationalVirus Bulletinconference, told SecurityWeek that such measures encourage prejudice.
“China has some great researchers/hackers. We’d all be worse off by not having them attend,” Grooten said. “We’re organizing VB2014 in the US this year. We’ll look forward to researchers from China, US and elsewhere to share their knowledge.”
Other experts and security conference organizers also believe that banning Chinese researchers from attending events in the US is a bad idea.
“I’m a supporter of information sharing without any borders and I cannot agree with theUS government’s reaction, whether it’s about China or any other country, because they seem to ignore one of the fundamental rules of the Internet – freedom,” Andrei Avadanei, the founder and CEO of DefCamp, a prominent information security event in Romania, told SecurityWeek in an emailed statement.
“I really hope that we won’t see a similar attitude from other countries,”Avadanei continued.”This action doesn’t solve anything because the community might be a collateral damage in a hidden war and the cyber security community will always find ways to bypass any censorship.”
Sam Bowne, an ethical hacking instructor at the City College of San Francisco and a Def Con 21 speaker, has highlighted the fact that Def Con and Black Hat are the primary conferences in the USA for serious security professionals to exchange information.
“Blocking Chinese nationals from them is a self-defeating action that will not protect Americans from attacks ─ it will make us weaker.Security experts need to make contacts with others from all over the world to understand the risks we face and the best ways to protect ourselves and our clients from them. I have seen several Defcon talks by Chinese nationals that revealed valuable information,” he told SecurityWeek.
“No classified national security information is revealed at Defcon or Black Hat ─ it’s all public domain material.Almost everything there ends up on the Internet immediately anyway. The Chinese experts are there to teach and to learn, not to spy on us,” he added.
“This ban, if enacted, would reveal us to be a petulant, stupid nation, ruled by leaders who find it more important to insult China than to actually protect our citizens. It also demonstrates that our leaders are happy to harm private businesses and scientific conferences for their own selfish political ends.”
Previous Columns by Eduard Kovacs:Industry Speaks: Chinese Hackers Should Not be Banned From US Security ConferencesChinese Users Targeted With Banking Trojan Disguised as WeChat AppSpotify Suffers Internal Data BreachCompromised Apple IDs Used to Hold iPhones for RansomFrance Tech Giant Atos to Acquire Bull
Tags: NEWS INDUSTRY