Report on Defcamp 7 at at Bucharest, Romania, 10-11 November 2016

Defcamp icon

DefCamp is the largest annual information security conference held in Bucharest, Romania, in which the latest topics and practices in information security are presented by specialists in the field. This year marked its 7th edition of the event, with people from more than 150 different companies participating. The goal of our trip was to compete in the Capture the Flag (CTF) hosted by DefCamp, widely known as D-CTF.

CTF is an information security competition in which participants compete against each other in demonstration of offensive cybersecurity skills. This year’s D-CTF was in ‘jeopardy’ format, in which discrete challenges from specific categories were released over time and in increasing difficulty. We had the total of 19 challenges this year from the four following categories:

1.           Web technology

2.           Exploitation

3.           Forensics & steganography

4.           Cryptography

Departure

NUS Greyhats sending their well wishes and support for Shi Rong, Yoshiaki and Glenice before their flight.

The competition was 24-hours long, starting from 12pm 10th November to 12pm of the following day. 16 teams from all over the world, each with maximum of five members, took part in the competition, including Japan, Poland, Ukraine and of course, Singapore. The age group of the participants were also very diverse, ranging from high schoolers to graduates/postgraduates. Together with the fact that many of them were self-taught, it was a strong indication of the ease of entry into the field of cybersecurity.

dctf playing area

The tasks given out in the competition were all very challenging and most importantly required patience, as any CTF would do. Physical fitness was also an important component of the competition: having arrived at a place with a time difference of 6 hours only a day before and completing a 24-hour competition was extremely demanding. However, it is also during this harsh 24-hour period that we witness the power of passion and curiosity as participants stayed up for almost the full day to complete as much challenges as possible.

Additionally, since our qualification also grants us a full-access pass to the entire conference, we will be able to fully experience and learn from the various conference features such as the ‘Hacking Villages’, listen to the talks, and speak to other conference attendees after the competition.

 

Conference

We attended one of the conference titled: Moving Forward with Cybersecurity, hosted by Manager of PwC Audit SRL, Mr Kereszturi Laszlo. He introduced various aspects of auditing and urged members to participate in their survey to gather more information and thoughts on Cybersecurity and security over IoTs (Internet of Things). With the rising usage of IoTs, there were much concerns over how secure they are. Since most IoTs are household products, the effects were critical. Also, Mr Laszlo explained how enterprises network are put to a test, especially with the introduction of Cloud infrastructure. There were many takeaways from this talk, and even more so as cybersecurity is a major concern not only for enterprises, but on a personal level as well.

DefCamp has helped to gather professionals and curious learners from around the world, and the sharing of knowledge and experience made the event really meaningful and enjoyable. The conference topics differed significantly from one another, ranging from IoT to military security, but they all had one theme in common – “we need more security practitioners as technology continues to develop, allowing the room for more and more attack vectors”.  We came to once again realize the need to deal with the shortage of talents in the field of information security.

Through the event, we were able to meet other skilled security professional from other countries around the world. In the end, we could not place ourselves in the higher positions in the competition, but what we have learnt from this trip is invaluable. This experience gave us an insight into today’s information security at its finest level: we were able to interact with some of the most-skilled CTF participants in the world, and witnessed various kinds of security solutions that are in practice today. It has solidified our understanding of the technology of information security, and inspired us to work even harder to reach up to that level. The event has definitely been very inspiring and will spur us to further improve and compete at a higher level in future events.

 

 

 

 

© Copyright 2001-2012 National University of Singapore. All Rights Reserved.

This page is dynamically generated by the Drupal CMS.