Team Europe & the International Cybersecurity Challenge

Hello everyone, my name is Christina Skouloudi and I am a cybersecurity expert at ENISA. Today I would like to give you an overview on Team Europe and the International Cybersecurity Challenge. Let's start with the International Cybersecurity Challenge. The first edition of the International Cybersecurity Challenge took place in Athens in June of 2022. In particular, from the 14th of June until the 17th of June, we had a four-day event that was following the schedule that you can see on your slide. So the first day we had the testing day, where people came to test the infrastructure and also the tools that they would use for the competition. Then the day of the 15th of June, we had the first day of the CTF, which was a jeopardy CTF and the different teams had to compete in five main different categories of jeopardy-style CTF challenges.

On the third day, we had the attack and defense day, a CTF that is focusing on having an infrastructure with different services that one has not only to attack to the other teams but also to defend for each team. And finally at the last day, we had the award ceremony where we announced the winners. The teams that took part in the ICC of 2022 were seven. We had teams participating from Canada, US, Latin America, Africa, Oceania, Asia, and Europe. In total we had more than 64 nations being involved in the teams and representing the different regions that just mentioned. The ICC takes example from the very successful project of ENISA since 2016, which is the ECSC, the European Cybersecurity Challenge where the different member states and other countries from Europe and the EFTAs have representation of teams that go to an annual event to compete in a CTF.

As mentioned one of the teams that participated in the ICC of 2022 was Team Europe and for ENISA that was a separate project training and preparing Team Europe for the ICC finals. ENISA's main objectives for Team Europe was to form and train the final Team Europe. We had to make sure that we will create a diverse, balanced and strong team of 15 young people, age from 18 to 26 years old as it was in the rules of the ICC for participating. We had also to achieve the best possible result for the ICC of 2022. That was one of our main goals. And in order to assure that we will do our best, we wanted to collaborate with people and stakeholders that would help us in this project to train and form Team Europe. So we had the Team Europe trainers, a group of five people from different countries with experience in CTFs that collaborated with ENISA closely throughout the training path of Team Europe.

We had also the ICC steering committee, which is the steering committee that defines the rules and also shares all the information for the different teams that are participating in the International Cybersecurity Challenge. The steering committee of the European Cybersecurity Challenge was also involved since it nominated young people for joining as Team Europe candidates in the first place and out of these candidates for Team Europe, we selected the final Team Europe. We also created a subcommittee, the international subcommittee as we call it of ECSC, which was people that were representing the ECSC steering committee, but at the same time were being consulted by us for everything that was taking into consideration for deciding for Team Europe and for the ICC as well. So we started with the pre-selection process where as I said before, we had to create a pool of eligible members for Team Europe and we reached out to the ECSC steering committee where the national representatives proposed up to four candidates each, up to two male and up to two female candidates per country.

We had the pre-selection concluding with all the candidates that were nominating successfully joining certain trainings and CTF qualifiers that were provisioned in order to reach to the decision of the final Team Europe. It is important to state here that ENISA covered all the expenses for the candidates at traveling and accommodation during the bootcamps that we organized and all the events that were dedicated in preparing Team Europe and training Team Europe candidates. Also together with the trainers of Team Europe we prepared all the criteria, the processes for the selection, the training path, we prepared the requirements for the platforms and everything else that had to do with the preparation of Team Europe was done in collaboration with Team community trainers. Now let's look closer the training path that we developed for Team Europe. We started with setting up an online training platform since May of 2021 where we provided access to the first pool of candidates of Team Europe that we had from the nominations of the ECSC steering committee.

In the beginning we had 36 candidates for Team Europe from the call for expression of interest that we had and from the nominations that we were provided from the ECSC steering committee. All of them were granted access to an online training platform that was a continuous training module that we had. So since May of 2021 until the finals of the international competition, we had this platform up and running for all the candidates and later on for Team Europe to be able to prepare to test their skills and to practice. Then in July of 2021, we had our first bootcamp in Tallinn of Estonia. We had the first bootcamp where we had all the 36 candidates for Team Europe coming and meeting for the first time and had several trainings on different topics. Later on, we had the CTF qualifiers which was an online event that was held early September for all the candidates in order to assess the strong profiles and who could make it for the final team.

In the ECSC of 2021 in Prague, we also opened a second call for expression of interest where we were able to collect more candidates for Team Europe and there we reached to the 55 candidates for Team Europe. After that we had a second bootcamp where we invited almost all team Europe candidates in Turin, and we had again a three days event training on different topics where I'm going to present later on in detail. In March, we had a third bootcamp in The Hague, where again we had team building activities and also trainings for the 55 candidates of Team Europe that we had after the second call and of course we had also a second CTF qualifier early April in order to again assess the technical skills of the candidates and reach to the final decision of who is going to be in the Team Europe. So some statistics I have here is that out of the 55 candidates that we managed to have for Team Europe after the second call for expression of interest we had 21 countries that were represented in this pool of candidates and the gender balance statistics that I can share here is that we had out of the 55 candidates 40 male and 15 female candidates for team Europe.

In detail the bootcamps that I mentioned before are presented here. So in July of 2021, we had the first bootcamp in Tallinn of Estonia where we had trainings on mobile security and attack and defense. At the third day of the event in Estonia we had also a team building activity in order to provide the opportunity to the candidates of Team Europe to bond and to learn more about each other. On the second bootcamp that we had in Turin of Italy, we had trainings on web exploitation and cryptography and again we had also a team building activity in order to build more cohesion in team and ensure that collaboration elements are being enhanced. In the third bootcamp that we had in The Hague, we had of course again trainings that were focusing on attack and defense once again because we consider it an important element since it was 50% of the ICC finals and that made it a topic of course that it was of importance but we had also trainings on forensics and on binary exploitation as you can see.

Besides the trainings and the bootcamps that I mentioned we had also two CTF qualifiers. We wanted to make sure that we have increased participation during these online events and for that reason we organized them during weekends. It was a 24 hours straight event both times for both CTF qualifiers in order to accommodate all different time zones as we had candidates also residing in different countries than EU. We had to assess the technical skills but also the strategy of all the people that would take part in the qualifiers and in order to make sure that we take the best experts that we need in the main categories that would be also in the ICC finals. We had the qualifiers focusing in the five categories of challenges that would be also the five categories of challenges for the ICC. So we had web exploitation, binary exploitation, reverse engineering, forensics and crypto challenges in the CTF qualifiers in order to identify the best profiles in all these categories.

We had of course three difficulty levels per category easy, medium and hard so that would allow people that are not mastering specific categories to also accumulate points for other categories and in total we had 15 challenges in each CTF qualifier. As I mentioned before the first CTF qualifier with the 36 candidates that we had at that time took place on September of 2021 while the second CTF qualifier took place in April of 2022 with 55 candidates. After this training path that I presented, we had the final bootcamp when we selected the final Team Europe. So following the second CTF qualifier we were able to have all the information available that would allow us to select the final team Europe. And after selecting the final team Europe we organized for one more bootcamp only with the team Europe plus five people that were added in the reserve list. So we had in total 20 people that participated in the final bootcamp of Team Europe from the 13th to the 15th of May in Vienna. It was again a three days event that was aiming to simulate the days of the ICC finals.

So the first day in order to test the tools and also to clarify the roles and responsibilities of each team member we had a jeopardy CTF where we had challenges from the different five main categories that I showed to you before and the people collaborating for the first time as a team in order to successfully solve the challenges of the jeopardy CTF. In the second day we had an attack and defense CTF where all together again they had to collaborate as a team, define the roles and responsibilities on who is patching, who is exploiting, who is doing the sysadmin, all these different roles and responsibilities again had to be divided within the team but also there was an opportunity to test the tools that they had available in order to conduct the attack and defense CTF.

On the third day we had a technical briefing after observing what was learned from the two days experience that we had previously. We had a session dedicated on the lessons learned and on what should be improved until the finals and of course we had also a training that was focusing on Windows this time. And this is Team Europe in this nice picture in the sunny weather of Athens you can see the 15 members of Team Europe plus the five members of Team Europe trainers in a picture right before the first day of the competition of the jeopardy CTF. Some words about the diversity of team Europe and the statistics. So out of the 20 people that we had selected, which was the 15 main members of team Europe plus the five members for the reserve list we had a percentage of 20% of female represented in the team and 80% represented of males in the team. We also had 12 countries represented in the final team of 15 members of Team Europe and we had 15 countries represented in the final team of team Europe plus the reserve list members.

As you can see there these are all the different countries that we had from Czech Republic to Italy to Spain, to Norway, to Belgium, you can see that we had people coming from many different countries of Europe. Some words about the ages that we had in the Team Europe so in the blue bar charts you can see that we had people from 21 to 26 years old in Team Europe while in Team Europe calculating also the reserve list members we had people from 19 years old up to 26 years old. And this is the skillset of Team Europe. As I mentioned before we have five main categories for the jeopardy CTF which is the binary exploitation, the reverse engineering, web exploitation, crypto and forensics and in order to know what are our strengths and weaknesses we had this nice diagram where we had with the blue line representing the skillset of Team Europe while with the red line we had representing the skillset of Team Europe plus the reserve list.

And after all this preparation, after all this hard work and after all these trainings that we had and I presented to you with team Europe, we were in the very happy position to win the first place in the International Cybersecurity Challenge. So you can see here a very nice picture of the Vice President of the European Commission, Margaritis Schinas, giving the prize of the first place of the overall winners to Team Europe where they celebrated a lot and they of course enjoyed a lot this win. We had of course Asia coming second and also US coming third and I think that bravo and congratulations is deserved to all the teams that participated in the ICC.

So if you are interested also in participating in the next Team Europe candidates since we are preparing now already for the next year competition that is going to take place in the US for 2023, please register in the openECSC.eu and make sure that you don't miss out the CTF that we will organize in order to identify young people from 18 to 25 years old that can master one of the main categories of challenges that we presented and that can make it for the candidates of Team Europe for next year. If you are interested in finding more information about what I presented for Team Europe and the International Cybersecurity Challenge feel free to reach me through email or my mobile and I will be responding back to you as soon as possible. I am Christina Skouloudi and thank you very much for your attention.