Chema Alonsoa renowned Spanish hacker, opened the 20th anniversary edition of the Ekoparty Security Conference, one of the most important cybersecurity and hacker conferences in Latin America, with a warning about the artificial intelligence: “With AI we have very big challenges as a society: misinformation, fake newsthe viralization of things that are not true and the manipulation of societies, all this is leading us to separate us instead of uniting which is what should happen, that we are more united.”
The conference, which began this Wednesday at the Buenos Aires Convention Center (CEC), brings together hackers and leaders of the cybersecurity industry of all ages and sectors. It lasts three days, with talks, workshops, job interviews and special activities with skills to hack all types of systems and devices.
Leonardo Pigñer, CEO of Ekoparty, opened the 2024 edition at the Buenos Aires Convention Center (CEC) to introduce Chema Alonso. “I note that the spirit is exactly the same as it was 20 years ago: in the first Eko the idea was to get together with friends, learn, hack all together and today there are many more of us, but the spirit is exactly the same. “Twenty years is nothing,” he said.
After the brief opening, the keynote was given by Chema Alonso, a Spanish hacker who is a celebrity in the world of cybersecurity, with a history linked to discoveries, international conferences such as Black Hat and DEF CON and, for years, the security of Telefónica in Spain. In his talk, he reviewed his career, from how he began to be interested in technology and computers at the age of 14 to how he became friends with Kevin Mitnickfor many the world’s number 1 hacker (who died last year).
“During the years I was hacking and learning, I didn’t use technology to get somewhere: technology was the place. Every year that I came here to the Ekoparty, I had to learn something new,” he said in his conference, in which he recalled that he participated in several editions of the Argentine hacker convention. “One of the great things about hacker conferences is that they are synonymous with community. And the most beautiful thing about Eko is that, the community,” he added at the opening.
“El Chema” is a true rockstar in the hacking niche: he could barely walk among the attendees, who kept asking him for photos and book signings. His talk was scheduled for 9 in the morning, but half an hour before the start the auditorium was already full and in the vicinity of the CEC there was a line that went around the clock.
Nicknamed “The Evil One” or “the hacker with the hat”is currently Chief Digital Officer of Telefónica. At 49 years old, Alonso spoke of one of his daughters as a “version 2.0” of him, in a reference to his family’s introduction to the world of hacking.
Later, in an Ekoparty space called “Lado B” in which more relaxed interviews are held with the protagonists of the talks, Alonso spoke about the topic of the moment: artificial intelligence.
“When something is new, it is attractive. Figuring out how to bypass constraints in an AI model is challenging. For us it has been very fun because the universe of AI has expanded in two senses: it can be used for hacking, but you can also try to hack it”, he assured.
“I think that AI is here to stay and for us it is something unavoidable in cybersecurity, I think that for kids it is another piece to learn and train. On the other hand, the best thing that the new generations have is that they have an internet full of content. Nowadays you can see all these conferences online, that’s something we haven’t had: It’s our generation’s gift to the next.”he added.
Vulnerabilities and “how to break Copilot” from Microsoft
After the opening, a large number of talks followed in the main room. One of the most notable was that of the Argentine hacker Sheila Berta, Director of Research, Innovation and Development in Cybersecurity at Dreamlab Technologies, in which she analyzed exposed information from local official entities and also from companies.
Among the discoveries he made with his work team, he told how they found access credentials to different databases together with his work team, from Buenos Aires municipalities to the National University of La Plata. “There are many databases from government entities, universities and even clinics that are vulnerable on the internet. The lack of investment in cybersecurity could explain why sensitive information from citizens appears almost every week in dark web forums,” commented the researcher in dialogue with Clarín.
Furthermore, the researcher revealed that at least 892 Argentine government entities, including the Senate of the Nationhost their mail servers abroad, mainly in the United States. “This represents a serious loss of sovereignty in data management, making it easier for other nations to spy on sensitive information about the country,” he said.
He also told cases of private companies, such as that of a electrical distributor in the south of Buenos Aires with industrial electricity meters exposed on the internet. “There are at least five of these devices visible and accessible, allowing anyone who finds them to fully manipulate them. This could represent a risk to the security of the distributor,” he warned.
Later, researcher Inbar Raz spoke about “15 Ways to Break Copilot”, Microsoft’s AI that is integrated into Windows, to understand what security problems companies using customized versions might have. Windows Hello, the system to identify yourself in the operating system without a password (with biometrics), was also the focus of one of the main talks.
Among the highlights of the villas Maximiliano Firmmanprogrammer and researcher, spoke about ponzi schemes in what he called the “ponzidemia”, a phenomenon of proliferation of young people who are attracted by fraudulent investments, with one of its largest exponents this year: the San Pedro scam of RainbowEX .
For all audiences
Among the attendees, audiences of all styles and ages could be seen, from the most veterans in the world of cybersecurity – several participated in talks and workshops – to the youngest, who participated in a space called Ecokids.
“This project is a space that connects children and pre-adolescents, along with their families, with technology in a way safe and creative. Our goal is to inspire learning from an early age, promoting skills in cybersecurity and lateral thinking through recreational and educational activities,” said Sol Argento, organizer of the space.
There was also, again, Future Hackeran initiative for teenagers. “Futuro Hacker is an Ekoparty initiative that seeks to promote interest in cybersecurity among young people, with the aim of generating talent and opportunities. Thanks to constant work with schools and universities, we form a community of super committed students that grows every year,” Sabrina Pagnotta, director of the program, told this medium.
“In 2024 we went on tour through Córdoba, where we visited 10 schools and two universities in the capital and General Deheza. We also organized a day of talks and workshops on the UTN campus, in which we received nearly a thousand students. We also continued touring secondary schools in Buenos Aires, Bogotá and Lima, thanks to the commitment of cybersecurity professionals who help us from their cities,” he added.
For this edition they prepared workshops to receive more than 400 students. “In addition, we are going to give workshops on exploiting vulnerabilities in the Hack The Box platform, cybersecurity mentoring and the long-awaited wardriving, a tour aboard a little train of joy scanning the city’s Wi-Fi networks,” closes Pagnotta.
Ekoparty continues on Thursday, November 15 and Friday, November 15 with more talks, workshops and conferences. More information at this link.