Hackers grapple with a once-unthinkable idea: Political action

As the DNC hack puts digital security in the national spotlight, cybersecurity professionals took the unusual step of staging a Hillary Clinton fundraiser at a hacker conference known for its fiercely independent and antiestablishment attendees. 

Hackers

Throngs of hackers have been flocking to Sin City to celebrate their craft every summer since Jeff Moss founded the Black Hat and DEF CON conferences in the 1990s.

Yet in a community of technologists who earn a living pushing boundaries and breaking things, Mr. Moss’s riskiest move this year was not providing a forum to demonstrate how to crack ATMs or hack cars – it was daring to headline a Hillary Clinton fundraiser.

“I’ve gotten so much hate mail," laments Moss, also known by his hacker name The Dark Tangent.

The backlash isn’t because of the Democratic nominee's political views or even the email controversy. It's because for a large part of the security community, says Moss, politics is “a super dirty, dangerous word.” An independent himself, Moss describes the reaction from a certain faction as: "How dare you get close to 'The Man.' "

The hacker community has traditionally prided itself on its strong libertarian, antiestablishment streak. There’s a baseline apathy toward politics and active antipathy toward the idea of any government interference with their work. And especially at Black Hat and DEF CON, there’s a special concentration of hardcore technologists with reputations for compromising systems – legally or not. To put it in perspective, a rousing game of "Spot the Fed" – where people are encouraged to find and expose law enforcement agents in the crowd in exchange for prizes – was a popular tradition for years.

But this year is different: Politics is more intertwined with their professions than ever before.

Digital security is at the forefront of the presidential election. Suspected Russian hackers compromised Democratic National Committee servers, and the resulting leaks of private emails have sparked political resignations and party infighting. Republican presidential nominee Donald Trump's response to the attack was to go so far as to suggest that Russia actually find and leak Clinton’s emails. And of course, Clinton herself has been dogged by cybersecurity-related questions this cycle, over whether her private email server she used during her time as secretary of State contained classified information that could have been compromised by foreign adversaries.

It’s a first in US politics where a party’s digital security – or lack thereof – might actually affect the election of the next president.

So in the heat of a presidential campaign, Moss, who himself has served on the advisory council of the Department of Homeland Security since 2009, said it's the right time for the security community to open up to Washington. And so the Clinton fundraiser – which sold tickets ranging from $100 to $2,700 – was a first-of-its-kind event held on the sidelines of the hacker conferences Wednesday night, and among the first cybersecurity specific fundraisers ever held in this country.

"Some people in the community are sort of afraid of it, saying, ‘Oh, now you’re politicizing the technical arena,' " said Moss. "But for whoever gets in [the White House], a lot of these issues we care about are going to boil over. We have to be engaged – or be OK with whatever happens."

Indeed, over the past few years cybersecurity issues once considered fringe tech concerns have become part of the national conversation. There’s the roiling debate over whether the government should force companies to build in channels for the government to read encrypted communications, the open question over whether the US will forge more international agreements to curtail cyberespionage, whether to amend the controversial laws used to prosecute hackers many say could chill valid security research.

The fundraiser’s official organizer Jake Braun, chief executive of strategic advisory firm Cambridge Global Advisors and former Obama campaign staffer, was pleased to see dozens of people – at least 50 or 60, he said – donate money to attend the event in a Mexican restaurant in the Mandalay Bay hotel.

Still, despite some media outlets dubbing the group at the fundraiser “Hackers for Hillary,” many of these donors did not fit the traditional image of politicos or campaign boosters. Several said they did not come because they were huge fans of Clinton specifically or wanted to influence an election – but more to fill a sense of curiosity or show a willingness to take part in any kind of political process.

"I’m not a hacker for Hillary. I don’t know what that is,” said Evan Francen, president of FRSecure boutique information security company in Minnesota. "I’m an information security guy. I just want to hear how I can help, regardless of who wins."

Other than voting, this event is his first foray into politics, he says. "The security industry has been traditionally pretty closed over the years. I’m always a bit leery of the government controlling our industry. But we need to open up, talk to people. It can certainly set the tone to help us."

Then there was Roland Lindsey from Seattle, sporting a black kilt and shredded black T-shirt, who describes his job at F5 Networks as a "corporate spy" and was excited to finally get a chance to talk politics at Black Hat. His first Vegas hacker con was six years ago, he said, when “no one in this community wanted to talk politics.”

"The hacker community has a libertarian ethos – and not necessarily the libertarian party. More like, you live and let live and everyone looks out for themselves," Mr. Lindsey says. “This year is not a normal year. It’s not a normal year because Donald Trump is in the race.”

Lindsey is a Clinton supporter who says the "rolling calamity" of Trump’s campaign has kept him and his friends "entertained" – but it’s the role of hackers in the election that has him really intrigued.

After the DNC hack, “I’ve been calling it the ‘Hacker Primary.’ Some group of hackers will weigh in, on every election from now on, on behalf of one party or another,” he predicts. “These campaigns run rinky-dink operations on a shoestring. They’re not well secured. If this ‘Hacker Primary’ becomes a thing, the government is going to want a piece of that action and we’re going to start to be more politically active,” he says, referring to potential regulations in the future.

The room was stacked with an array of security pros, many of them stars from major companies such as Facebook and Symantec who insisted they were there in their personal capacities and declined interviews. But can Clinton, whose email practices and use of a private server FBI Director James Comey called "extremely careless,” win over the security community?

Clinton, who has formed a cybersecurity policy working group, probably understands the value of good digital security at this point, Moss says. “If she didn’t before, she does now. In a very personal and powerful way," he says. "I would like to believe she will turn to the security community – the real security community – and get real, unbiased input."

During the fundraiser, Braun sought to convince his relatively nonpolitical audience to go out and push their peers to vote for Clinton after Trump’s call on Russia to hack and release Clinton’s emails. After all, the security pros in front of him were well aware of the threat from foreign adversaries – even without a public call for more attacks.

“While the rest of the public might not know how vulnerable our voting apparatus is to cyberattacks, we are,” he said. “We need to make sure the world knows this, and that Donald Trump and his affiliates know it’s not OK to tell Russia to hack our democracy.”

He encouraged attendees to sign in on a piece of paper circulating around the room. "The secretary – if and when she wins – is going to need great people to help out on both the policy and technical perspective," he told them. There will be an administration to fill, advisory boards to stack, committees to form, and Braun says he wants a list of the "best and brightest" that emerge from this event.  

“This isn’t a politically organized industry the way others are,” he says. “It’s not like we have people in the pipeline the way other industries do. We’re hoping to pave that pipeline, or at least start to, tonight."