The ongoing COVID-19 pandemic didn’t stop this year’s Black Hat conference from going live again in Las Vegas.

This time, the Black Hat conference was a virtual event, with most participants opting for virtual, while around 5,000 chose to attend in person. In addition, the business hall was noticeably smaller, lacking the presence of cybersecurity giants such as Mircrosoft, IBM, FireEye, Palo Alto Networks and more. That gave the startups and smaller providers a chance to stand out during this Black Hat conference.

Mick Baccio is global security adviser at Splunk. He gave his impressions of the conference.

Splunk’s Mick Baccio

“I think a lot of the smaller companies, the conversations they’re having are more meaningful,” he said. “It’s a more intimate setting, so people aren’t coming to your booth just to get the swag. They’re having a conversation about your product. It’s more exposure. The people who are here want to be here.”

Baccio said it will be interesting to see what happens after this latest Black Hat conference.

“There are a lot of newer companies and this could be their big break,” he said.

Ransomware, Supply Chain Attacks Hot Topics

Stopping ransomware and supply chain attacks were big topics at this year’s Black Hat with all the recent headlines bringing these attacks to the mainstream.

“I think ransomware is a problem and I think it can be combatted by some basic steps,” Baccio said. “Ransomware has always been a problem, but that’s back when it was just your machine that would get locked up. And now it’s enterprise machines. I do think it will get worse. I think with the pivot of everyone moving to cloud architecture, because from a business standpoint it makes sense, you haven’t heard a lot about ransomware attacks in the cloud … and I think that’s going to become a more common thing.”

Getting back to basics is what’s going to help minimize ransomware, he said.

“Know what’s on your network and patch it,” Baccio said. “There is no silver bullet, but we’re trying to raise the bar a little bit. If we had multifactor authentication (MFA) mandated for everything, that would decrease our incidents.”

Threats Beyond Ransomware

On the business hall floor, researchers with Bitdefender were anxious to share their latest findings in terms of cyber threats.

Bitdefender’s Bogdan Botezatu

“What people perceive to be the No. 1 threat is ransomware because it is so visible,” said Bogdan Botezatu, Bitdefender‘s director of threat research. “But while ransomware is more visible, it’s not the only threat that targets endpoint right now. What we have seen in the past few months is the emergence of more generalistic malware that attempts to harvest credentials. We documented a couple of cases of Trickbot or Emotet, which are used for the bad guys to harvest information or gain access to these devices that they have compromised.”

They participate in an underground market that’s filled with initial access brokering, he said. They provide access to these computers in various verticals to the bad guys who monetize on attacks after that.

“Say you’re a bank and you’ve been infected by Emotet or Trickbot,” Botezatu said. “These bots will live on the computer, harvest login information and other credentials, which are then sent back to the bad guys who operate these threats. They are clustering them by verticals. This password provides access to somebody in a bank. This password provides access to somebody in government or pharma, or critical infrastructure. They cluster this information and sell them to the highest bidder.”

Alex Balan is security research director at Bitdefender. He stressed the importance of endpoint detection and response (EDR) and extended detection and response (XDR).

“Those are things that alert us when some is happening in our network,” he said.

Scroll through our slideshow above for more highlights from Black Hat and pictures from the business hall floor. We bet you’ll see some companies you know.