White-Hat Hacker Teams Capture the Flag in CTF Cyber Security Competition

Tarih: Issue 87 - December 2018

In line with the vision identified for the area cyber security by the Presidency of Defence Industries, STM conducted a series of cyber security activities in Ankara. 

50 teams attended the fourth annual CTF Capture the Flag Cyber Security Competition with the participation of the government, universities and the private sector.

Hosted by STM, Turkey’s cyber security competition took place on October 31, at Ankara Sheraton Hotel this year for the fourth time under the auspices of the Presidency of Defence Industries (SSB). The event was realized with the participation of the President of Defence Industries Prof. İsmail DEMİR who witnessed the day-long white-hat hacker competition. Presented by Serdar KUZUOĞLU, with whom the IT industry is quite familiar, the event became the center of attention for professionals in this area as well as technology fans.

President of Defence Industries Prof. İsmail DEMİR: “In our times, even in the environments where we think there are no wars, various struggles occur in different structures and platforms. Presently, the protection of our country’s sensitive information, our institutions and Turkish companies are included in the concept of national Defence. We do not regard this struggle in this new area as a mere hardware problem. The most critical problem here is the training of competent human resources, and the development of indigenous and national software and their utilization as a whole in line with the interests of our country. We should bear in mind that the IT software imported from foreign countries are uncontrolled and unrestrained. There is a big gap at this point. In my opinion, the activities towards filling this gap in the Cyber Security area should be launched starting from hardware. We are focusing on software yet we have a gap starting from the hardware area. I would like to underline that, regarding critical production such as semiconductors and circuit designs, activities are being conducted both by our Presidency and by the relevant Ministries. To this end, we attach great importance to the annual CTF Capture the Flag event”.

STM General Manager Murat İKİNCİ noted that they have been accomplishing innovative activities in cyber security under the guidance of the Presidency of Defence Industries and added: “STM has been making critical investments in the cyber security area with its integrated cyber security capabilities, R&D activities executed in this area, its regular cyber threat status reports, CTF competitions and its indigenous and national decision support software which we introduced today – the CyDecSys. Our determination in developing critical technologies through qualified human resources and indigenous facilities that fulfill one of the most cyber-attack exposed countries - Turkey’s demands will continue”.

The two-staged CTF Competition organized for the fourth time by STM was held on 28-29 September this year. Following the 36-hour long online pre-selection in which 130 teams and 500 people competed, the successful teams attended the final contest on October 31 and went head to head to find each other’s cyber security vulnerabilities and hack each other’s systems. At the end of the competition, the winning white-hat hacker team was awarded with a prize of 20,000 TL, the second team was awarded with 15,000 TL and the third team was awarded with 10,000 TL.

Vulnerability Management Getting Easy with the CyDecSys!

At the event, STM revealed to the public the indigenous and nationally integrated cyber security decision support system CyDecSys which is a critical innovation in the area of cyber security. Having features allowing it to compete in international markets in addition to Turkey, CyDecSys automatizes functions such as network topology building, vulnerability detection, classification according to risks and the building of attack trees and thus supports the management of the cyber security processes. 

Deputy General Manager of the STM Dr. Ömer KORKUT stated that the CyDecSys developed through national resources by STM rendered the cyber security risks of institutions manageable and continued: “Under normal circumstances, the number of the vulnerabilities within the networks of any given institution is expressed in thousands. The cost of cyber-crimes globally in 2018 is declared as US$3 trillion. Within these costs, in addition to the damage caused to institutions and to individuals, the resources allocated to reputational losses and side effects emerging as a result of interruptions exist as well. This cost is projected to increase to $US6 trillion in 2021. As STM, we have been investing significantly in cyber security for the last five years. Our R&D activities in this area continue. And here today we are launching the CyDecSys - one of the outputs of our activities”. 

National Vulnerability Data Base Support

The CyDecSys Cyber Security Decision Support System, began development by STM in 2016, conducting the analysis of cyber security risks caused by vulnerabilities in order to manage a large number of vulnerabilities. CyDecSys enables the detection of the vulnerabilities over the existing systems, prioritization of risks for the elimination of the vulnerabilities, simulation of the measures to be adopted regarding these risks and effective risk management. 

The aim is to assume a leading role in the establishment of the national vulnerability data base as well with the CyDecSys Cyber Security Decision Support System. To this end, the CyDecSys will be enriching its own data base with the vulnerability details of indigenous software and detection scripts.

Offering Cyber Threat Intelligence, Cyber Operation and Malicious Software Analysis services within the scope of the Cyber Fusion Center, STM also introduces CyDecSys in its cyber security portfolio as a complementary product independent from the above mentioned services.