DefCamp 2023: Vulnerabilities in cloud technologies, smart devices, or telecommunications, as well as the impact of AI and quantum computing on security solutions and attack scenarios for 2024

The evolution of AI & Machine Learning and quantum computing, as well as the increased use of IoT devices, present more and more hacking opportunities for attackers. During DefCamp 2023, the most relevant regional cybersecurity and hacking conference held in Bucharest on 23 and 24 November, the experts recommended the best security solutions for companies that want to stay up to date with the latest developments in the field and want to strengthen their security posture.

They also recommended a closer collaboration between authorities, organizations, and cybersecurity firms to develop a robust defense system capable of dealing with the most sophisticated attacks. The infosec community is growing yearly, with over 540 companies and almost 2,000 participants at DefCamp 2023, 25% more than last year.

Defense, the main topic addressed by speakers at DefCamp 2023

Zero-knowledge authentication protocols, the security of cloud technologies, smart devices, and equipment or in the telecom industry, and the impact of automation in defense strategies were among the most important topics addressed by experts at DefCamp 2023. An equally important topic of discussion, that was addressed in several presentations, covered the vulnerabilities of critical infrastructure, especially in a tense geopolitical context where combatants may resort to attacks on areas that are essential to the smooth functioning of a country’s economy. In this area, Ta-Lun Yen, Senior Vulnerability Researcher, drew attention to thevulnerability presented by modems, where attackers can easily use various backdoors to enter and disrupt the system. Radu Ionicioiu, Senior Researcher in Quantum Technologies, stressed the importance of integrating quantum cryptography into critical communication systems, as quantum computers are no longer a topic of the future and the risk of potential quantum attacks on conventional encryption systems will gradually increase.

55 experts addressed trends that will shape the future of cybersecurity at DefCamp 2023 in front of participants from 49 countries. One of the most important conclusions of this year’s edition was that no individual or organization can achieve 100% security. Still, everyone can take appropriate measures, with the help of experts, to build resilience to cyber threats. However, experts stressed that this goal can only be achieved through a joint effort by all parties involved.

The level of participants’ expertise was extremely high, as more than a quarter of the participants are Security/DevSecOps, almost 20% Engineer/Architect, and about 15% Senior/Expert/Head in cybersecurity. Furthermore, more than 540 companies attended DefCamp 2023, and nearly half of this year’s attendees are returning conference participants.

“In a context where the evolution of cyber-attacks showed that no entity can be 100% protected, the only solution that remains valid is to strengthen the actions we can take to become as resilient as possible in the face of these threats. To this end, collaboration between public, academic, and private sectors is essential, and developing a community that comes up with valuable and up-to-date information every year is a priority for us at DefCamp. The evolution of phishing, disinformation, and Artificial Intelligence making our devices more vulnerable were all subjects debated at this year’s DefCamp. In addition, the large number of attendees and partners, those who contribute to the dynamics of the DefCamp ecosystem year after year, are already making us rebuild our strength and prepare for a future DefCamp edition, which we hope will offer an even more challenging experience”, says Andrei Avadanei, DefCamp founder.

Over 800 participants entered the Hacking Village competitions to test their hacking and cybersecurity skills

Educational activities or Capture the Flag (CTF) competitions attracted many competitors – over 800 – again this year in the Hacking Village, the area dedicated to cybersecurity education and knowledge development at DefCamp 2023. The international team PTB_WTL placed first at DefCamp Capture The Flag (D-CTF), the largest CTF competition in the Central and Eastern European region, LuckyLucian (international team) ranked second, and the third place was claimed by The Few Chosen, a local team that also won the “best team in Romania” award.

More than 600 teams from over 80 countries participated in the D-CTF qualifiers. In addition, this year’s D-CTF finals offered a unique experience for participants, with a mixed format that combined the classic Jeopardy-style CTF, in which each team had to find solutions to a set of challenges from several security areas, with an Attack and Defense competition, which tests both the offensive and defensive skills of a specialist.

In addition to D-CTF, DefCamp 2023 participants had the opportunity to compete in 13 other activities within Hacking Village, where the CyberEDU educational platform hosted 7 of the 13 activities in areas such as hardware, software, and network hacking, digital forensics, reverse engineering and more. The Hacking Village area made significant progress this year, which is confirmed by the fact that in many of the proposed activities, the number of participants or competitors exceeded 100, a significant increase compared to previous years.

More details about the competitions and the list of speakers are available on the official event website.

The DefCamp 2023 event was organized by the Romanian Cyber Security Research Centre Association (CCSIR), powered by Orange Romania. The conference was also supported by Bit Sentinel, Booking Holdings, Keysight Technologies Romania, and the National Institute for Research and Development in Computer Science – ICI Bucharest as Gold partners, Pentest-Tools.com, MSD, TwelveSec, OPSWAT, FORT, Bitdefender and KPMG as Silver partners, as well as CyberEDU.

About DefCamp

From 2011 to date, DefCamp has succeeded in attracting nearly 13,000 participants from over 60 countries and 150 cities, cybersecurity, ethical hacking, cyber vulnerabilities, and interested in developing their technical skills. DefCamp also provides the environment to strengthen the cybersecurity ecosystem by facilitating collaboration and information exchange between experts in the field. The conference audience includes cybersecurity, project development, and research professionals (58%) and top management and decision-makers in companies (20%), as well as specialists in sales and consultancy (22%).