HSE Team Wins Student Information Security Competition
On November 10-11, the finals of the Moscow Capture the Flag interuniversity student competition in information security (M*CTF) took place in Russia. The winning team was Shadow Servants, which included students from the HSE Faculty of Computer Science and MIEM. This is the third year in a row that Shadow Servants has won M*CTF. Their next step is the 2018 Russian CTF Cup, which will take place between November 30 and December 1 at the Skolkovo Innovation Centre.
The team members include Denis Solonkov, Ilya Grekov, Roman Nikitin, Maxim Pershin, and Gleb Tretyakov (Faculty of Computer Science), as well as Ivan Novikov and Yana Kozlyuk (MIEM).
The M*CTF typically takes place in an attack-defence format. The organisers gave teams identical virtual machines containing four services. The services were written in different programming languages. They also had databases and consisted of specially selected vulnerabilities that allow one’s opponents to gain access to data. The objective of the competition is to find these vulnerabilities, protect your services, and gain access to data from your opponents’ services. The target data, called ‘flags,’ are generally lines of code in a particular format. A team’s final performance is assessed based on the number of lost and acquired flags, as well as the amount of time the team’s services maintained their functionality.
Yana Kozlyuk: ‘This type of game is unbelievably dynamic, and the pressure is on until the very end of the competition. This requires that your team be able to concentrate, quickly analyse a situation, and make decisions. Also very important is the relationship within the team and the competencies of the players. Shadow Servants, in any makeup of its players, has largely been successful at M*CTF and other competitions thanks to not only the high level of professional skills among participants, but also their ability to listen, follow directions, and look at a situation from a different angle and in a timely manner.’
Roman Nikitin: ‘To win at M*CTF, like at other attack-defence competitions, it’s important to have an experienced team that works well together and has flexible thinking. M*CTF was well organised, and the problem sets were well thought out and of a high quality. These competitions are Moscow’s only interuniversity CTF. In other words, only one team has the chance to defend the university’s honour, and only teams consisting of students from the same university are permitted.’
Teams had to make it through a task-based qualifying round to participate in the M*CTF finals.
Ivan Novikov: ‘You had to be one of the 10 best teams from the qualifying round. We shared first place with two other teams from HSE, but we were the ones to go to the finals since we solved the problems faster.’
Yana Kozlyuk: ‘Our team has a rich history. It’s hard to remember all of the competitions we’ve done. The most striking ones were probably RuCTF, RuCTFe, and the 2017 CTF Cup. RuCTF is the most interesting competition in my opinion, and the level of organisation and problem sets grows each year. Teams are invited based on their performance at RuCTFe, the remote attack-defence CTF. RuCTFe took place on November 10 this year, with Shadow Servants placing fifth among roughly 200 teams, which is something we’re incredibly proud of. The 2017 CTF Cup was held in early December last year at Skolkovo. The scale of the competition was incredible, and though there were a few minor hiccups (which we can forgive since it was the first time the cup took place), the two-day game was a success. We placed second, losing only to the team hackerDom, which is from Yekaterinburg and has been the organiser of RuCTF and RuCTFe for many years now.’
Two teams will represent HSE at the CTF Russian Cup 2018. The second, Lunary, is comprised of MIEM students who won a different competition, the large KubanCTF-2018. This event took place in Krasnodar on May 4-5 and saw the participation of 48 university teams from cities ranging from Simferopol to Novosibirsk.
M*CTF also had a special round for high school students. The winning team consisted of students from the HSE Lyceum: Andrei Masyanov, Alisa Kulishenko, Andrei Kiryukhin, Konstantin Veselov, and Alexander Korzun. They are all 10th and 11th grade students focusing on Mathematics, Information Technology and Engineering.
Unprecedented Cyber Attacks: Information Security Comes First for the State and Business
Changes related to the pandemic and the sanctions regime have led to the restructuring of the Russian information industry and changes in the policy strategy of its participants. What are the main risks and how best to cope with these new challenges? These issues were discussed during the ‘Digital Transformation of Business in the New Post-crisis Reality’ master class, organized by HSE Department of the Theory and Practice of Business-Government Interaction.
MIEM, WorldSkills Russia, and Industrial Partners Hold International Corporate Security Training Modules and Competition
From June 22 to July 9, 2020, the 2020 International BRICS Future Skills Camp Championship, which allows students to both expand and test their skills in enterprise information systems security, took place. The event was jointly organized by WorldSkills Russia (WSR), the HSE Tikhonov Moscow Institute of Electronics and Mathematics (MIEM HSE), and Far Eastern Federal University (FEFU). Students from Brazil, Russia, India, China, and the Republic of South Africa participated in the competition.
Students on the ‘Information Security Management’ Programme Get Training in China’s Huawei
Students studying for an MA in ‘Information Security Management’, Katerina Arinarkina, Eldar Beibutov, Evgeny Gusev, Nina Osenmuk, and Aminat Tarchokova, under the supervision of teacher Petr Baranov, have completed training courses with Huawei as part of the international ‘Seeds for the Future’ programme. The two-week course focused on studying contemporary information-communication technology, the principles of protecting information while working with it, experience of ensuring information security in a corporation that has a global network of subsidiaries.