The cyber security company Kaspersky Lab is launching the fourth international industrial Capture the Flag (CTF) security competition. The firm is inviting ethical hackers, known as whitehats, to test the security of smart devices and industrial systems.
As the firm says, any release of a new piece of technology is usually followed by hacking attempts, as cybercriminals search for vulnerabilities. However, unlike blackhats, who are looking to exploit systems and new technologies for illegal purposes, whitehats are working towards the prevention of criminal acts and their consequences. Once a vulnerability is found, whitehats hand their research to vendors for the software to be patched. The annual CTF competition gathers the most talented whitehats to challenge their expertise with practical tasks. As all the participants are trying to resolve actual problems in cybersecurity, rather than artificial scenarios, the impact of the findings will be significant and a number of previously unknown vulnerabilities and attack vectors will be discovered during the competition.
The teams in the industrial CTF will also be given an opportunity to show their skills in the finals at the Kaspersky Security Analyst Summit (SAS) in Singapore next year. Online qualifying rounds will be held on November 23 and 24, 2018. Participants will be asked to resolve types of challenges, including questions and tasks in cryptography, reverse engineering, web-vulnerabilities, network protocols and other popular task categories. There is also a ‘fun’ segment, which will include unexpected and creative puzzles that require a holistic approach.
To ensure the competition represents a realistic environment, organisers will evaluate participants according to the factual difficulty of the tasks and uniqueness of the knowledge required to solve them. Hence the reward for each question will be evaluated in real-time and change in accordance with the number of teams who managed to solve it. This means that puzzles solved by the largest number of participants will be worth the least points, while challenges that prove to be sophisticated enough to be cracked by only a few entrants will be more valuable. The top three teams with the largest score will compete in April 2019 at the SAS event. All travel and accommodation expenses for the top three teams will be covered by Kaspersky Lab.
David Emm, Principal Security Researcher at Kaspersky Lab ICS CERT said: “We are becoming increasingly surrounded by smart devices and we rely on them in our everyday lives more and more. As our use of these devices grow, so does the amount of IoT malware. We are looking forward to this year’s competition, which we think will give us unique insights into the landscape of smart device security. To maximise the impact, we will make an effort to tweak this year’s finals slightly to the whitehat competitions that have taken place previously. Participants will face surprises, as they would in real life, whilst they try to resolve cyber threats.”
Register at http://ctf.kaspersky.com until November 24.
