Why Would Hackers Attack Your Conference?

shutterstock_103173644Hackers targeting big companies have become part of the regular news cycle. As of last year corporations such as Sony, Target and Staples have become victims of breaches involving personal information and credit cards. Even more recently, the data of 18 million current, prospective or former employees of the U.S. Government was successfully compromised in one of the biggest and most spectacular cyber attacks in history.

While it might be comforting to think that hackers would only go after big name organizations, it would be wrong to think that conferences are exempt from cyber attacks. Just recently the Linux Australia conference was hacked, resulting in the contact information of the delegates being exposed.

So why would a hacker go after YOUR conference?

  • Registration Lists. This is the most obvious target. The reasons for going after your attendee lists can vary greatly. Selling lists to for the purposes of spamming is the low hanging fruit but there are more serious reasons. In the case of the Linux hack, the people on the list were network system administrators and so represented a strong target for breaking into an institution. Another dangerous use is for the purposes of housing fraud resulting in lost attendee money and large attrition penalties.
  • Credit Cards. This puts your show in the same class as Target. If your show is small, it probably won’t be considered (unless you are known to have poor server security!) but a large meeting could be tempting.
  • Political Reasons. If you are having a guest or keynote speaker who upsets a particular group of people, then your show may become a target for a denial-of-service attack or website defacing simply for reasons of embarrassing your organization. You may think naming that big name is a coup, but it may have just turned you into a target.
  • Ruining Your Reputation. This is similar, except the target is your show – the goal is to put your show in the news for the purposes of discouraging future attendees.
  • Cell Phone Data. At the show itself, hackers may construct bogus wireless networks for the purpose of capturing cell phone data and hijacking personal accounts. It is really your attendees who are the target in this situation.
  • Impersonating Web Sites. In this case, the hackers may replace the form of your show or a related supplier (such as the hotel), with a web page that looks like the original but is really a fake. This is particularly dangerous for online forms. Think of Wi-Fi signup page where a credit card is entered, except it is not the hotel that gets the credit card, but the hacker!

As these examples show, not only is your show a possible target, but so is everyone related to your organization – speakers, attendees and even suppliers. Do not leave cyber security to someone else. Just like with legal documents, turn to an expert for advice.

Follow us on twitter for more articles like this posted every week!