FORT GEORGE G. MEADE, Md. -- Soldiers from A Company (the Avengers), 781st Military Intelligence (MI) Battalion (Cyber), hosted the third annual AvengerCon, a hacker-style training event, at the McGill Training Center on November 26 and 27.
AvengerCon is open to all service members, DoD Civilians, and invited guests within the information security community. The event has grown from 100 attendees at the first iteration to more than 330 registered for this year's event.
According to Capt. Skyler Onken, commander of A Co., 781st MI Battalion, and one of the event originators, "AvengerCon is an effort from within the ranks. It originally came from an idea myself and (Capt. Stephen) Rogacki had when we were attending DefCon and we saw that it was really difficult for the Army to send a lot of people to these events. But they are really valuable in two ways, one, obviously the educational training benefit, two, really getting a feel for the community, because hacking and cyber is more than just a skillset or a profession, it really is a community."
On the first day, the AvengerCon III staff facilitated four workshops to include a Fuzzing workshop, which is essentially discovering vulnerabilities within software; a Reverse Engineering workshop, which has application in defensive-side power analysis, and exploit development; a presentation by the Army Cyber Institute on how to create a capture the flag competition; and another on hacking the IOT (Internet of Things).
The second day kicked off with a keynote address by Chris Eagle. Eagle is well known in the hacking community as well as within military circles. He is a professor at the Naval Post Graduate School and a former Navy lieutenant commander. He is the author of "The IDA Pro Book". IDA (Interactive Disassembler) is a common reverse engineering software used by the hacking and development community.
"The book is so good that the people that create the software said they're not even going to create a manual because his book is that good," said Onken. "He is literally 'the guy' and on top of that, he has won the DefCon capture the flag two times. I'd say he's legendary, but he's really a humble guy."
In his remarks, Eagle shared his story as well as what it's like to be a hacker while serving in the military. Balancing those two worlds that can sometimes be at odds, he said.
"It's all about learning, finding opportunities to learn, whether that is school, challenging yourself at school, finding the classes that are going to give you the skills you want to have going forward, whether it's learning at a conference like this or self-study," said Eagle. "Tinker, experiment, program, fail…don't be afraid to fail and learn from your failures. Build things and share things and teach people. You've got to do that within DoD. We don't have enough training capacity. We can't send people out to get the training that they need as often as we'd like to…sending someone to SANS cost a small fortune, sending a hundred people to SANS cost a big fortune. All that knowledge that you are acquiring, all the knowledge that you are developing on the job, needs to get shared."
Following the keynote speaker, there were presentations on the main stage by people from within the organization. The topics included "Anatomy of a Phish", "Integration of Open Source Web Technologies in CNO (computer network operations) Development", "Military Applications of 3D Printing", "An Introduction to Machine Learning, Using Machine Learning to find the Perfect Cocktail", and "Sun Tzu's Art of War Applied to Cyber operations".
Like other hacking events, such as Black Hat, DefCon, and ShmooCon, there were village events throughout the venue.
The village events at this year's AvengerCon III included a lock pick village put on by TOOOL (The Open Organisation of Lockpickers), a local locksport, lock-picking organization; a crypto challenge, where attendees could work at their own pace to solve various tasks; a hacker trivia, where teams of five answered trivia questions for the honor of receiving a coveted AvengerCon challenge coin; Charlie Company (The Conquerors) 781st hosted a capture the flag event, called "Conquer the Flag"; and an organization called Grimm provided SCADA (supervisory control and data acquisition), ICS (industrial control system) villages and workshops so people could hack the IOT, simulated SCADA targets and cars.
Onken sees the event continuing to grow as the word gets out about AvengerCon. He envisions multiple tracks of presenters so that multiple presentations can be given simultaneously on different topics, and sees the potential for a classified track for cleared attendees to talk about their mission.
"I do this because I love this," said Onken. "I was hacking before I was in the Army. I joined the Army to do this, and I like to bring a lot of that passion and spirit in. (AvengerCon) will help the Soldiers to become better at what they do. I really want people to catch the bug."
Onken absolutely sees AvengerCon as a training event and the venue as another way the Army is aggressively pursuing cyber excellence.
"From what I've seen and I've worked with all the other branches, the Army is absolutely the most aggressive in pursuing advancements in the way that we manage people, the way we manage mission," said Onken. "For being a larger organization we've actually done really well at being adaptable to the environment. In this environment you always need to be more adaptable, but right now the Army is definitely ahead of their peers."