This presentation will look at crisis mapping technology from the perspective of an attacker such as a hostile government, terrorist organization, or organized crime group. From this point of view we will see what can be done to prevent access to crisis maps, manipulate data received by crisis mapping platforms, and expose those using the systems to attack.
The presentation will use examples of actual vulnerabilities and attacks that have already been seen in the wild and will conclude with some of the steps that have been taken to defend crisis maps in the field.
George Chamales has spent the last decade working in a wide range of positions in the computer security field. His list of current and former government employers includes the US Department of Defense, Department of Homeland Security, and Department of Energy. In the private sector, he's worked as a security architect, developer, and corporate pen-tester (hacker) targeting Fortune 500 companies.
He is an active member of the crisis mapping community where he develops new tools and capabilities, co-founded of the Crisis Mapper's Standby Task Force, and has served as the technical lead for numerous deployments including LibyaCrisisMap.net, Pakreport.org, and SudanVoteMonitor.com