While Ukrainian hackers are known the world over, the white hat hackers are often overlooked, with an emphasis being placed on those involved in criminal activity. The AIN.ua website recently published a piece on the Capture The Flag Team from the Ihor Sikorsky Kyiv Polytechnical Institute which ranked amonst the best in 2016. The team known as DefCon-UA , dcua in short, beat out the Dragon Sector team from Poland and Russia’s LCzBc. Over twelve-thousand teams of white hat hackers from around the globe participated in CTF competitions in 2016.
Capture The Flag Competitions
Computer Security Competitions have been run as CTF events since 1995 and according to the Kyiv Politechnical Institute the CTFtime rating is one of the most prestigious for white hat hackers. The ranking is cumulative and is based on about seventy different competitions held throughout 2016. Throughout 2006 white hat hackers from Ukrainian universities and IT-companies walked away with accolades at twenty-four of the competitions during 2016.
The controlled environment events take on a number of different formats including attack-defense, jeopardy and mixed according to the CTFtime website and can be more aptly described as follows:
Jeopardy-style CTFs has a couple of questions (tasks) in range of categories. For example, Web, Forensic, Crypto, Binary or something else. Teams gain points for every solved task, usually with higher point levels assigned for more complicated tasks. The next task in a chain can be opened only after a team solves the previous task. All games have a time limit and when the time is up the team with the most points is the winner.
The attack-defence is another type of competition. Here every team has its own network (or only single host) with vulnerable services. The attack team team has time usually has time to develop exploits while the defence team has time to patch vulnerabilities. The organizers connects the participants of competition and the wargame begins! Both attackers and defenders score points for either for hacking or defending. Historically this was the first type of Capture The Flag competitions, and the DEF CON CTF is comparable to the World Cup in other sports.
Mixed competitions may vary possible formats. It may be something like wargame with special time for task-based elements (like UCSB iCTF).
The dcua team at KPI was established five years ago in 2012 and is coached by Mykola Ilin a researcher at KPI, together with a number of graduate students including Viktor Sytnyk, Mykola Ovarchuk, Andriy Danylyuk and others. Currently the team has fourty-three active members.
Improving on Results
The 2016 ranking is an improvement over the previous year’s when they ranked in sixth place behind two teams from the United States Russia, Hungary and China. Though in 2016 their cumulative score has substantially higher than the team from Poland. While dcua was extremely successful in 2016, the other twelve teams from Ukraine which participated did not even make the top five-hundred. The three countries having the most teams participating were the USA, Russia and India with eight-hundred and twenty-one, three-hundred and forty-seven and three-hundred and twenty-two teams respectively. Nevertheless, there are probably many talented individuals within the other teams from Ukraine and there is no doubt in my mind that there will be others in the future who will become as well known as one of Ukraine’s best known white hats.
One of Ukraine’s best known white hats is Nick Bilogorskiy and according to his LinkedIn profile he is “a founding team member at Cyphort, a next-generation anti-malware startup, and is currently leading security research there. He came to Cyphort from Facebook where he was the chief malware expert and a security spokesperson for the company, keeping 1 billion active users safe and secure. His Facebook focus was on annihilating botnets that targeted Facebook (e.g., Koobface) by developing countermeasures, remediating victims and working with law enforcement agencies on bad actor attribution and enforcement. Prior to joining Facebook, Nick managed virus research teams at SonicWALL and Fortinet.”