To avoid any legal liability. Stating a specific reason would open them to possible "breach of contract" depending on whether the act(s) were significant enough or justifiable, based on the contract terms. Just say nothing, part amicably, everyone moves on without drama.
With that said, they probably weren't lying. Most likely, months after ponying up $10 million to a sophisticated international hacking group, Caesars Entertainment probably doesn't want to invite some of the world's best hackers to stay and meet at its flagship resort.
> To avoid any legal liability. Stating a specific reason would open them to possible "breach of contract" depending on whether the act(s) were significant enough or justifiable, based on the contract terms.
This is how it works for at-will employment, but it would be a very weird contract that allows backing out only if you don't say why you're backing out.
Let's say Caesars states, "we just got hacked and, as has been reported in every major newspaper, paid $10 million as ransom. We have reason to believe one or more attendees of DEF CON were part of that group."
How does making this statement this benefit Caesars in any way? Now DEF CON can demand some proof of this claim, or sue for defamation, or state that without proof, Caesars isn't acting in good faith, whatever.
Yes, most likely. That's why it would make zero sense for Caesars to state anything publicly that would antagonize members of the community. Saying nothing (or even praising DEF CON, and claiming it was a "change in strategy") is the smarter route.
> Most likely, months after ponying up $10 million to a sophisticated international hacking group, Caesars Entertainment probably doesn't want to invite some of the world's best hackers to stay and meet at its flagship resort.
Most Def con visitors would be white hats so that would be a bit disingenious. I would expect most attendees to behave (reporting issues after finding one)
Especially considering they just got hacked, a few pentests would be good for their business.
you say that like a person informed enough to know what a white hat is lol. Let’s be real here, even the ethical hacker bunch can look VERY wonky and rowdy to an outsider, especially if you are as far removed as the hospitality industry. The only time they had to deal with hackers in the recent past was decidedly painful for them
being ambivalent towards a group, filling up your hotel, but otherwise alien to you, may be a little less polarizing than just having been forced to shell out $100M to a similar sounding demographic.
Primarily, it's about public image. It would look idiotic to host this group, regardless of intention. And it's about insurance -- logical or not, their insurer probably insisted they quit inviting DEF CON and associating, in any capacity, with self-identified hackers.
To avoid any legal liability. Stating a specific reason would open them to possible "breach of contract" depending on whether the act(s) were significant enough or justifiable, based on the contract terms. Just say nothing, part amicably, everyone moves on without drama.
With that said, they probably weren't lying. Most likely, months after ponying up $10 million to a sophisticated international hacking group, Caesars Entertainment probably doesn't want to invite some of the world's best hackers to stay and meet at its flagship resort.