Inside the online fight among DerbyCon leaders, illmob, and harassed infosec women

The controversy around a popular infosec conference being cancelled has called into question how the greater community allows women and minority groups to establish their careers.

A published cybersecurity expert and a high-ranking security official at a popular information security conference are at odds over a Facebook group that has served as a platform for harassment and misogynistic comments toward women in the profession.

Last month, the founders of DerbyCon — an annual hacker conference held in Louisville, Kentucky — announced that 2019 would be the last year for the event. In a blog post announcing the cancellation, the conference’s founders didn’t point to a single incident that led them to their decision. However, one passage stirred up controversy: “There is a small, yet vocal group of people creating negativity, polarization, and disruption, with the primary intent of self-promotion to advance a career, for personal gain, or for more social media followers.”

The “negativity, polarization and disruption” heightened in the wake of the announcement, with members of a Facebook group known as “illmob” posting comments that the cancellation was due to a select group of people taking umbrage with the way things were run at prior DerbyCon events. Those comments were first reported on by Vice’s Motherboard.

One person, Georgia Weidman, was called out for a tweet in which she said speaking at DerbyCon in 2013 was more detrimental to her career than an incident at a conference in Germany where she fought off an attempted rapist.


In the wake of the dispute, Weidman and Joshua Marpet, a security organizer at DerbyCon, have spoken with CyberScoop’s “Securiosity” podcast about the harassment that’s been unearthed in the aftermath.

You can listen below. The relevant passages begin at the 24-minute mark. 

Weidman says that she has been labeled as a “train wreck” since speaking at DerbyCon, adding that she’s been labeled as unhirable and people have steered away from buying her book. The book, “Penetration Testing: A Hands-On Introduction to Hacking,” is well regarded among cybersecurity professionals. 


In the Facebook group, a number of members used the “trainwreck” term about Weidman and made crass allegations about her behavior at other conferences.

“I was particularly surprised that there were a few people who I thought were my friends who were on [the Facebook] groups saying I was a train wreck,” she says.

Weidman says the “train wreck” characterization comes from a belief that she gave a 2013 conference talk while intoxicated.

“The [attendees] hand out drinks to speakers on stage or while you’re presenting,” Weidman said. “If a man gets drunk presenting, it’s epic. My getting tipsy demonstrates that I was unprofessional? People also want to point out I had spikes on my jacket, which is true, I did, but this is an event where people literally show up dressed as Stormtroopers. It’s such a double standard for women and minorities.”

According to Marpet, issues like this are a big reason why DerbyCon is shutting down. He says on “Securiosity” that the “drama” of years past has outweighed the “fun” for the founders of putting on a conference.


“We’ve had some drama happen. Let’s be blunt, it was drama,” Marpet said. “I’m not saying it was wrong, or right, or justified or not.  I’m just saying it was. We had a couple of people get drunk at night and we had to work on them. We had somebody who got transported to the hospital, and it was a medical issue. Just getting briefed on that in the morning is terrifying. … I think that this DerbyCon got to the point where it wasn’t fun, and that’s why [conference founder] Dave [Kennedy] said ‘I’m done.'”

As to the harassment Weidman faced in the illmob Facebook group, Marpet said despite what was shown in the media, there have been times where misogynistic comments or harassment have been called out.

“I’m not going to say that I caught every bad discussion that was in there,” Marpet said. “I have other things that I do with my life than checking every Facebook group I’m in every day. I don’t know that I caught those particular discussions [about Georgia], but I know that there’s a lot of times that when I did catch something, I said, ‘Hey, stop.'”

Weidman said she wants to see more people be vocal about that type of behavior, including herself.

“I really wanted to stay on ‘the party line’ if you will, because I knew that ‘the men don’t want to hear about that’ is a general rule,” she said. “Over time, I guess, I’ve matured as a person. I guess I’ve realized that it’s more important than being in the cool crowd to try and fix these things for the women who come after me.”


You can listen to the full podcast on Apple, SoundCloud, Spotify or Stitcher.

Correction, 2/4/18: This story has been updated to reflect Joshua Marpet’s role in DerbyCon security. 

Greg Otto

Written by Greg Otto

Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University.

Latest Podcasts