DEF CON's hacker-in-chief faces fortune in medical bills after paralyzing neck injury
Marc Rogers is 'lucky to be alive'
Marc Rogers, DEF CON's head of security, faces tens of thousands of dollars in medical bills following an accident that left him with a broken neck and temporary quadriplegia.
The prominent industry figure, whose work has spanned roles at tech companies such as Vodafone and Okta, including ensuring the story lines on Mr Robot and The Real Hustle were factually sound, is recovering in hospital.
Speaking to The Register, Rogers confirmed his prognosis is good and he's now doing much better than he was three weeks ago when the incident, the nature of which he didn't detail, took place.
Whatever the incident was, it left the cyber pro with a broken neck, but he wasn't aware of this at the time. He had no symptoms other than some "manageable neck pain," and nothing out of the ordinary showed up on a routine X-ray and an MRI wasn't possible due to insurance delays.
A week later, Rogers started losing some sensation in his hands and tried to have the MRI rescheduled, but the approval from his insurance company never came. While waiting for said approval, he and his family holidayed in northern California and by the time he returned on December 30, he says he lost "about 20 percent sensation and a similar amount of mobility in both arms."
With doctors unwilling to delay further treatment any longer, he was rushed for additional scans that revealed cervical vertebrae and tendon damage, requiring surgery on New Year's Day.
"On the 31st, before the surgery could happen, my disc and vertebrae came apart," Rogers said. "Overnight I lost all sensation, all mobility, and became quadriplegic.
"The morning of the 1st, the amazing neurosurgery team at John Muir, Walnut Creek operated. They fished out the pieces and filled the gap with a cage containing a bone graft. This was to grow a new section of spine and fuse the remaining parts. They decompressed the cord and bolted everything back together.
"They also decided to shave me into Sabretooth. As of an hour after the surgery, I regained 75 percent of my sensation and could move all my limbs, fingers, and toes. I have a ways more to go including learning to do stuff like walk, hold a cup, and brush my teeth but the prognosis is good."
Rogers is spending his time in the hospital in a neck brace. A testament to his dedication to the field, he's also passing the hours by investigating the Salt Typhoon intrusions and hunting threats using the tools available to him.
"Due to stubbornness and persistence, I have almost full use of my thumbs," he said. "That's enough to type on my phone keyboard. Even though I can't use a regular keyboard, that's enough to keep me operational in bursts, though I tire after a short period of time.
"The medical staff picked me up, gave me a new spine, and have supported me every step of the way. The neurosurgical team worked miracles and it's entirely to their credit that I was hunting threats just four days after being a quadriplegic."
His wife, children, friends, and family are visiting daily, and the various contacts from friendly faces in the cybersecurity community are keeping him company too.
"They have been my support and my motivation to stay mentally active. The first three days I couldn't sleep due to the pain. I existed almost entirely on a diet of spicy memes."
Rogers said it will be around four to six weeks before he returns to basic independence and is able to travel, but a full recovery will take up to six months. He begins a course of physical therapy today, but his insurance will only cover the first of three required weeks, prompting friends to set up a fundraiser to cover the difference.
- Volunteer DEF CON hackers dive into America's leaky water infrastructure
- DEF CON badge disagreement gets physical as firmware dev removed from event stage
- DEF CON Franklin project enlists hackers to harden critical infrastructure
- CrowdStrike president cheered after accepting 'Epic Fail' Pwnie award
"It's a sad fact that in the US GoFundMe has become the de facto standard for covering insurance shortfalls," he said. "I will be forever grateful to my friends who stood it up for me and those who donated to it so that I can resume making bad guys cry as soon as feasibly possible."
The cybersecurity community has rallied together to support Rogers' fundraiser, which at the time of writing has accrued just over $63,000 in donations, with just over half of the total sum raised so far.
Katie Moussouris, founder and CEO at Luta Security, described Rogers as "one of the finest hackers & humans to ever hack the planet," while the folks over at vx-underground offered their affections, calling him an "old-school nerd."
"[He] is lucky to be alive and we are luckier to be able to help him," Moussouris added.
Rogers has an impressive cyber CV. Beginning life in cybersecurity back in the '80s when he went by the handle Cjunky, he has gone on to assume various high profile roles in the industry.
In addition to the decade leading Vodafone UK's cybersecurity and being the VP of cybersecurity strategy at Okta, as already mentioned, Rogers has also worked as head of security at Cloudflare and founded Vectra, among other experiences.
Now he heads up security at DEF CON, is a member of the Ransomware Taskforce, and is the co-founder and CTO at AI observability startup nbhd.ai.
If you hadn't heard of him from any of these roles, or from his work in the entertainment biz, he's also known for his famous research into Apple's Touch ID sensor, which he was able to compromise on both the iPhone 5S and 6 during his time as principal researcher at Lookout.
Other consumer-grade kit to get the Rogers treatment include the short-lived Google Glass devices, also while he was at Lookout, and the Tesla Model S back in 2015. ®