ViSP supports European Cybersecurity Challenge
In September 2022, ViSP member Marco Squarcina took on the role of principal coordinator for the prestigious European Cybersecurity Challenge (ECSC). This highly regarded event attracted participants from 28 European countries and featured five guest teams from the United States, Canada, the United Arab Emirates, Israel, and Serbia. The ECSC 2022 brought together over 330 talented individuals for two intense days of ethical hacking battles. The ECSC aims to motivate and support teenagers and young individuals who possess cybersecurity skills, guiding them in their training and career paths.
Marco Squarcina led a team of 16 national and international experts in designing and implementing the competition’s second-day activities, which were structured as an attack/defense Capture the Flag (CTF). Each team controlled a virtual server containing various custom programs developed by the event organizers, known as “services”. The services contained realistic vulnerabilities of different difficulty levels. The team’s objective was to identify vulnerabilities in their server, patch them, and simultaneously launch attacks on other teams to capture flags strategically placed within the services. This competition required participants to master a diverse range of technical and soft skills, including network analysis, patch management, fast decision-making, and effective team coordination.
The attack/defense CTF of ECSC 2022 was one of the largest events of its kind ever organized, with hundreds of participants in the same room continuously attacking each other for nine and a half hours. The organizers developed a novel infrastructure to host the competition, including a cluster of 120 nodes to handle the extreme load of the event. Participants generated nearly 4TB of network traffic during the CTF. Seven services were meticulously developed, each containing five to ten custom vulnerabilities. These services showcased innovative approaches to the attack/defense CTF format, such as the execution of full-fledged web browsers and a CAN bus connecting vulnerable microservices.
Marco Squarcina’s leadership and expertise played a crucial role in ensuring the smooth execution of the event, making it an exceptional experience for all involved. His contributions, along with the hard work of the organizing team, elevated the ECSC 2022 to new heights, solidifying its reputation as a premier cybersecurity competition.