Jeff Moss (hacker)
Moss at DEF CON, 2012
January 1, 1975
|Alma mater||Gonzaga University, Criminal Justice. (BA 1990)|
|Known for||Founder of the Black Hat and DEF CON computer hacker conferences|
Early life and education
Jeff received his first computer at the age of 10. He became fascinated because he wasn't old enough to drive a car or vote, but he could engage in adult conversation with people all over the country.
Moss graduated from Gonzaga University with a BA in Criminal Justice. He worked for Ernst & Young, LLP in their Information System Security division and was a director at Secure Computing Corporation where he helped establish the Professional Services Department in the United States, Asia, and Australia.
In 1997 he created Black Hat Briefings computer security conference that brings together a variety of people interested in information security. He sold Black Hat in 2005 to CMP Media, a subsidiary of UK-based United Business Media, for a reported $13.9 million USD. DEF CON was not included in the sale.
Moss is also a member of the Council on Foreign Relations (CFR), an independent, nonpartisan membership organization, think tank, and publisher. Jeff, when in Washington D.C., is a regular meeting attendant.
In July 2012, Secretary Janet Napolitano directed the Homeland Security Advisory Council to form the Task Force on CyberSkills in response to the increasing demand for the best and brightest in the cybersecurity field across industry, academia and government. The Task Force, co-chaired by Jeff Moss and Alan Paller, conducted extensive interviews with experts from government, the private sector, and academia in developing its recommendations to grow the advanced technical skills of the DHS cybersecurity workforce and expand the national pipeline of men and women with these cybersecurity skills. On October 1, the HSAC unanimously approved sending the Task Force recommendations to the Secretary.
In October 2013, Jeff announced that he would be stepping down from his position at ICANN at the end of 2013.
In 2014, Jeff joined the Georgetown University School of Law School Cybersecurity Advisory Committee.
In 2017, Jeff was named a Commissioner at the Global Commission on the Stability of Cyberspace. The GCSC is composed of 24 prominent independent Commissioners representing a wide range of geographic regions as well as government, industry, technical and civil society stakeholders with legitimacy to speak on different aspects of cyberspace. The Commission's stated aim is to develop proposals for norms and policies to enhance international security and stability and guide responsible state and non-state behavior in cyberspace.
In 2017, Jeff spearheaded the creation of the DEF CON Voting Machine Village. Debuting at DEF CON 25, the Voting Machine Village allowed hackers to test the security of electronic voting machines, including several models still in active use in the US. The machines were all compromised over the course of the conference by DEF CON attendees, some within hours of the village's opening. The resulting media coverage of the vulnerability of all tested machines sparked a national conversation and inspired legislation in Virginia.
In September 2017, the Voting Machine Village produced "DEF CON 25 Voting Machine Hacking Village: Report on Cyber Vulnerabilities in US Election Equipment, Databases and Infrastructure" summarizing its findings. The findings were publicly released at an event sponsored by the Atlantic Council and the paper went on to win an O'Reilly Defender Research Award.
In March of 2018, the DEF CON Voting Machine Hacking Village was awarded a Cybersecurity Excellence Award. The award cites both the spurring of a national dialog around securing the US election system and the release of the nation's first cybersecurity election plan.
Moss is currently based in Seattle, where he works as a security consultant for a company that is hired to test other companies' computer systems. He has been interviewed on issues including the internet situation between the United States and China, spoofing[which?] and other e-mail threats and the employment of hackers in a professional capacity, including in law enforcement.
Recent speaking and participation
Jeff has presented at a wide range of venues, worldwide, either as a keynote speaker, individual, or as part of panel discussions and group deliberations. Examples include:
• Panelist, "Georgetown University, Institute for Law, Science and Global Security: International Engagement on Cyber" (PDF)., Washington D.C., USA, March. 2014
• Keynote speaker, CODE BLUE, Tokyo, Japan, Feb. 2014
• Keynote speaker, NANOG 60 NANOG, Atlanta, USA, Feb. 2014
• Speaker, World Knowledge Forum, Seoul, South Korea, Oct. 2013
• Korean Cyber Summit, Seoul, South Korea, Oct. 2013
• New Yorker Festival, “Spy vs. Spy”, USA, Oct. 2013
• Speaker, Special lecture on "Internet Governance" European Forum Alpbach, Austria, Aug. 2013
• CFR Task Force Report, "Defending an Open, Global, Secure and Resilient Internet", USA, June 2013
• Panelist, RSA, "BYOD: Here Today, Here to Stay?", San Francisco, USA, Feb. 2013
• Co-chair, DHS (HSAC) Cyberskills Task Force, USA, 2012
• Security & Defence Agenda, Brussels, Belgium, 2012, Cyber Initiative
• Speaker, Russian Internet Governance Forum, Moscow, Russian Federation, 2012
• World Economic Forum on East Asia, Bangkok, Thailand 2012.
• 6th Annual Strategic Multi-Layer Assessment (SMA) Conference “A World in Transformation: Challenges and Opportunities”, USA, 2012
• RSA, USA, 2012
• XCon, Beijing, China, 2012
• NRO Cyber Conference for National Programs, USA, 2012
• NSA “Cyber Red Dawn” symposium, USA, 2012
• West Point Senior Conference, USA, 2012
• Contributor NATO CCD COE National Cyber Security Framework Manual, 2012
• Co-Chair, DHS (HSAC) Community Resiliency Task Force, USA, 2011
• Georgetown University’s Institute for Law, Science and Global Security 2nd annual conference on international engagement in cyberspace, USA, 2010
• DHS Cyber Storm III exercise, USA, 2010, Participated as “the Internet”
• RSA, USA, 2009 - Core infrastructure security threat
• Keynote speaker, inaugural CodeGate conference, Seoul, South Korea, 2008
• Inaugural DeepSec, Vienna, Austria, 2007
• Panelist, Democracy, Terrorism and the Open Internet panel, Madrid, Spain, 2005
Moss was an Executive Producer on DEFCON: The Documentary. The film follows the four days of the conference, events and people (attendees and staff), and covers history and philosophy behind DEF CON's success and unique experiences. He was also a cast member in the film Code 2600. Moss also works with Mr. Robot's technical consulting team.
Popular culture references
DEF CON was portrayed in The X-Files episode "Three of a Kind" featuring an appearance by The lone gunmen. DEF CON was portrayed as a United States government-sponsored convention instead of a civilian convention.
- Sutter, John D. (2011-08-03). "Meet Dark Tangent, the hacker behind Black Hat and DEF CON". CNN. Retrieved 2014-08-10.
- "About Black Hat". 2012-04-25. Retrieved 2014-08-10.
- "About", defcon.org
- Naraine, Ryan (2005-11-16). "CMP Media Buys Black Hat". eWeek. Retrieved 2014-08-10.
- Mills, Elinor (2009-06-05). "Hacker named to Homeland Security Advisory Council". CNET. Retrieved 2014-08-10.
- "Jeff Moss Appointed ICANN Chief Security Officer" (PDF). ICANN. 2011-04-28. Archived from the original (PDF) on 2014-08-12. Retrieved 2014-08-10.
- "Cyber Statecraft Initiative".
- "Jeff Moss named Commissioner at Global Commission on the Stability of Cyberspace". Global Commission on the Stability of Cyberspace. Retrieved 2017-02-05.
- "DEF CON Hacking Warns Voting Machines Vulnerability, Oct 10 2017 | C-SPAN.org". C-SPAN.org. Retrieved 2017-12-08.
- "O'Reilly Security Conference in NYC 2017 Defender Awards". conferences.oreilly.com. Retrieved 2017-12-08.
- Littman, Jonathan (1998-08-13). "Inside Jobs: Is there a Hacker in the Next Cubicle?". PC World. Retrieved 2014-08-10.
- Tang, Rose (2001-05-01). "China - U.S. Cyber War Escalates". CNN. Archived from the original on 2013-08-22. Retrieved 2014-08-10.
- Richard Thieme (1999-02-08). "Designing the Future". Forbes. Retrieved 2014-08-10.
- Hesseldahl, Arik (2000-08-02). "Law Enforcement Officials Recruit Hackers". Forbes. Retrieved 2014-08-10.
- DEFCON: The Documentary on IMDb
- Code 2600 on IMDb
- Constantin, Lucian (2013-08-05). "Will Smith makes unexpected appearance at Defcon hacker conference". techhive.com. Retrieved 2014-08-10.