When the DEFCON 12 computer hacker convention took place at the end of July in Las Vegas, the United States government had very visible representation at the traditionally wild and chaotic three day event. A Meet the Fed panel on Saturday afternoon quickly turned into an ad hoc recruiting session, with representatives from the FBI, Treasury Service, Air Force, and two retired NSA officials addressing an ballroom of over 1,000 attendees. It was the first time in two years Feds had officially spoken at DEFCON, having been busy with a little thing called The War on Terrorism said one speaker.
Uncle Sam needs talented and clean (i.e. no arrests or documented bad behavior) computer security people. "You can get up to 70 or 75 percent of your students loans forgiven," repeated one Air Force representative. The U.S. government has a large number of open computer security positions to fill and has a tough time retaining employees. Entry-level employees join up, learn the ropes, and then end up departing 3 to 4 years later for more lucrative private sector positions. Some computer security job seekers have strayed over to The Dark Side once too often and are now unable to get security clearances due to either criminal prosecutions or documented past bad actions.
One of the panelists, the National Security Agencys Chief Scientist from 1986 to 1994, was DEFCONs de facto guest of honor and had his own opportunity to speak his mind on issues ranging from the security of electronic voting (Poor), the reliability of the worlds ATM cash machines (Good, but an attack downing the network would have substantial consequences), and an incident where the former Soviet Union made a serious mistake in implementing one-time codes for the KGB and GRU. Other presentations were given by a member of the Naval Criminal Investigative Service and a West Point professor currently working on his PhD in Computer Science at Georgia Tech.
Despite DEFCONs image as an outlaw gathering, conference organizers have been cultivating relationships with federal law enforcement and military officials for a number of years. Both the Army and the NSA have said they want to build bridges to the hacker community due to the threat of foreign cyberwarfare attacks against the nation. In 1999, the Armys civilian head of the Command and Control Protection Division at the Office of Information Assurance spoke to attendees about The ethics/morality/practicality/patriotism of hacking, urging them to stay on the side of angels rather than cracking systems. More recently, organizers of the annual Cyber Defense Exercise (CDX) run between the military academies have expressed the desire to expand the virtual field of play to civilian teams.
Its not all seriousness. DEFCON organizers have a running contest called Spot the Fed. If a representative from a federal agency is discovered and his identity confirmed, the person who spotted him will receive a Spot the Fed T-shirt. Last year, DEFCON organizers quietly started swapping I am the Fed T-shirts with government attendees for agency logo-imprinted coffee mugs and other swag. Doug Mohney