Hacker convention grows in third year at Fort Meade
By Steven P. Stover
Dec 11, 2018 at 2:00 PM
With presentations ranging from “Anatomy of a Phish” to “Sun Tzu’s Art of War Applied to Cyber Operations,” AvengerCon attracted more than 330 people — triple the size of just three years ago.
The hacker-style convention, hosted by the 781st Military Intelligence Battalion Nov. 26-27 at Fort George G. Meade’s McGill Training Center, was open to all service members, DoD civilians and invited guests within the information security community.
Capt. Skyler Onken, of the 781st MI Battalion, said AvengerCon is an effort from within the ranks.
“It originally came from an idea myself and [Capt. Stephen] Rogacki had when we were attending DefCon and we saw that it was really difficult for the Army to send a lot of people to these events,” he said.
“But they are really valuable in two ways. One, obviously, the educational training benefit, and two, really getting a feel for the community, because hacking and cyber are more than just a skill set or a profession. It really is a community.”
Capture The Flag
Event staff facilitated four workshops including a “fuzzing” workshop, which discovers vulnerabilities within software; a reverse engineering workshop, which has application in defensive-side power analysis and exploit development; a presentation by the Army Cyber Institute on how to create a capture-the-flag competition; and another on hacking the Internet of Things.
“This conference is great because it’s a chance for the military and government-side here who aren’t always allowed to go to the big conferences [and see what the community is doing],” said Grimm CEO Brian DeMuth.
Grimm, a cybersecurity engineering and consulting firm, provided organizers on the floor to interact with attendees and featured a booth that displayed the advances they’ve made into automotive security, among other fields.
“[Attendees] get a chance during the week to come out and hang out at this conference and learn from the people who are here,” DeMuth said.
Presentations on the main stage included topics like “Integration of Open Source Web Technologies in CNO [computer network operations] Development,” “Military Applications of 3-D Printing,” and “An Introduction to Machine Learning, Using Machine Learning to Find the Perfect Cocktail.”
“My job pertains to cyber, so a lot of these talks are interesting to me, and it’s just interesting to see what my other compadres are working on as well,” said Interactive On-Net operator Michael Ighat of Pasadena, who works with the 780th MI.
“I like to learn more about the introductory [subjects] like the car hacking, the introduction to 3-D printing, reverse engineering — stuff like that, just to kind of broaden my spectrum. I do a lot of security, but I kind of dabble in reverse engineering. It’s nice to [have this knowledge] and tools.”
There were plenty of booths from private organizations as well, including a crypto challenge, in which attendees could work at their own pace to solve various tasks; hacker trivia; a capture-the-flag event; lock-picking; and Grimm’s supervisory control and data acquisition display.
“We as cyber security and business people tend to be interested in the interconnectivity of systems, and locks are a system that we interact with on a daily basis that very few people understand,” said TOOOL Maryland Chapter president Michael Bain.
“I think it’s a very good physical analog to what we face in cybersecurity. Understanding the system in its entirety is what allows you to leverage control over it.”
As she worked to decrypt a new cypher, Spc. Erin Rockwell of the 780th MI said she found the lock-picking event to be especially helpful and thought the convention overall was a boon to her professional development.
“I do work with cyber, so [this conference] relates to my job,” she said. “I’m learning new things that relate to my schooling.”
Onken said the event is clearly continuing to grow and envisioned multiple tracks of presenters in the future to cover a broader range of topics, including possibly a classified track for cleared attendees to talk about their mission.
“I do this because I love this,” Onken said. “I was hacking before I was in the Army. I joined the Army to do this, and I like to bring a lot of that passion and spirit in. [AvengerCon] will help the soldiers to become better at what they do. I really want people to catch the bug.”
Onken said he sees AvengerCon as another way the Army is aggressively pursuing cyber technology.
“From what I’ve seen — and I’ve worked with all the other branches — the Army is absolutely the most aggressive in pursuing advancements in the way that we manage people, the way we manage mission,” he said.
“For being a larger organization we’ve actually done really well at being adaptable to the environment. In this environment, you always need to be more adaptable. But right now, the Army is definitely ahead of their peers.”