International Cyber Security Summer School 2019 (ICSSS 2019)

ICSSS 2019 in The Hague

In the end of august i participated to ICSSS 2019 in The Hague (Netherlands). We had different lectures about cybersecurity in various places such as Leiden University, NCI Agency, Europol, The Hague Security Delta, Dutch innovation factory. We also had the full week to work on different challenges in groups. My challenge was about Cyber resilience for The Hague Center for Strategic Studies.

What is ICSSS 2019?

« The International Cyber Security Summer School (ICSSS) is an annual summer school, originally organised by NATO C&I Agency, Europol, the Netherlands Ministry of Defence Cyber Command, Leiden University and The Hague Security Delta. « 

Source: ICSSS website

What happened?

Day 1

Day 1 of ICSSS 2019

Useful to know about Day 1:

The ice breaker game:

The afternoon was animated by Ákos Wetters. Akos offered an app for an Ice Breaker game called SpotYet. We had to take a selfie and answer questions about ourselves. Then, the app showed us the picture of the person we had to talk to and after finding the person, we could talk about our answers or about anything else we fancied. It gave us the possibility to have one on one conversation instead of having to introduce ourselves in front of 60 other persons. Here is a map of our interconnection during the event made by SpotYet.

SpotYet interconnexions map of our ice breaker game

A blue team vs red team workshop

Scenario of red team versus blue team game

The red team versus blue team game was made by Leila Taghizadeh. The read team is suppose to hack the blue team. The red team had to explain the process they would use to hack the company. The blue team had to explain how they would protect themselves.

ICSSS Tweet about Day 1

Day 2

Day 2 of ICSSS 2019

Useful to know about Day 2:

  • The lecture of the morning by Professor Bibi Van Den Berg was a broad overview of cyberspace. The following subjects were tackled: Human error and cybersecurity incidents, Law as an incentive to prevent human error, alternative way of steering human behavior.
  • The workshop of the afternoon was made by Els de Busser. It was an exercise about NotPetya. We were divided in groups some represented the Russian and the others, the Ukrainian. We had to build an argumentation to defend the team we were in so that we could give our point of view in front of the International court of law.
ICSSS tweet about Day 2

Day 3

Day 3 at ICSSS 2019

Useful to know about Day 3:

The subject tackles in the keynotes were as follow: Introduction to the NCI Agency, Cyber Security at the NCI Agency, Career opportunities at the NCI Agency.

NCI Agency’s tweet about Day 3

Day 4

Day 4 at ICSSS 2019

Useful to know about Day 4:

  • The keynotes were made by Maia Spilman and Michael Payne.
  • In the first workshop of the afternoon we saw how to transform a Raspberry Pi into a hacking tool. It was lead by Niels Vonk and Ramon Janssen
  • In the second workshop of the afternoon we worked on a home made version of OWASP Juice shop. It was lead by Wout Debaenst and Ricardo Sanchez Marchand.
ICSSS tweet about Day 4

Day 5

Day 5 at ICSSS 2019

Useful to know about Day 5:

The subjects tackled in the morning lecture by Jarek Jakubcek were : Introduction to Europol EC3 and latest cybercrime trends and threats, Use and abuse of cryptocurrencies, Cryptocurrency investigations and strategic investigations, Blockchain, OSINT and the Europol on-the-job experience.

Europol’s tweet about Day 5

Day 6

Day 6 at ICSSS 2019

Useful to know about day 6:

The subject tackled in the keynotes of the morning were the following: short briefing on the concept of the Dutch Innovation Factory, Cyber Security activities within an international context. Also, Dr Rutger Leukfeld made a lecture about The Human factor in cybercrime and Peter Janssen presented Cybersprint.

Dutch Innovation Park’s tweet about Day 6

Summary of ICSSS 2019 in pictures

ICSSS 2019 summary in pictures

Why should you attend ICSSS ?

  • ICSSS gives a holistic point of view of cybersecurity. We had ethical hacking workshops and also tackled subjects as various as: laws, policies, cyber resilience, crypto currencies, …
  • Meet people from all over the world (this year 22 different countries). But also a great panel of different backgrounds from technical to legal.
  • The lectures were made by renowned University professors but also by experienced professionals from different fields (private and public sector).
  • Don’t hesitate to apply your motivation will lead you the way! This experience is a once in a lifetime.

To go further

Engensec IT Security Summer School

(Article disponible en français plus bas)

To move forward in my challenge, I decided to attend a Summer School. That is how in july, i had the great opportunity to attend a European Program in Cybersecurity in the beautiful city of Lviv (Ukraine).
This program was held by the Lviv National Polytechnic University and the classes were organised in a beautiful annexe of the University.
view from the outside
entrance hall
corridor
Many students from different countries were attending this studious week: Ukraine, Sweden, Poland, Netherland, Luxembourg and France.

Presentation of the IT Security Summer School in the Lviv National Polytechnic University.

Why a Summer School ?

Well, a Summer School is a short and intensive way to gain skills quickly plus you get to meet people from all over the world.
Also, it seemed important to me to confront my knowledge with practical exercises in group to give an interactive dimension to my learning in self-training. Finally, being coached by cybersecurity experts during the summer school allowed me to consolidate the knowledge acquired during the previous months.

What did we learn ?

On the first day, we had a first assignment which was fun. We were given a list of teams named after malware. The goal was to find our team mates with the help of this list. It was a very good ice breaker to first meet attendees. To go further with the social interactions we also had a team quest to do in order to get to know each other better and discover the city.

The high quality courses were taught by professors from leading European universities such as Sweden, Poland and Ukraine.

The four main subjects discussed during the week

Malware Analysis

First, the history of ransomwares (first ransomware: AIDS trojan 1989) was discussed.
Then we reviewed different ransomwares: their encryption method, how they interact with the user and for some of them how to decrypt files.
The practical exercises allowed me to understand the necessary steps to analyze malware.
However, there is no single way or infallible method. This field requires great patience and perseverance to gain more experience.

Software Security

This course was about : Programming problems and buffer overflows, Defensive programming, Revision control systems and Good practices.

About the part « good practices », i wish i had such a course during my training as a programmer. Good practices in development for security is, in my opinion, a must known for every developer.

The lab about buffers was really helpful to better understand the buffer overflow error and how it can make a software very vulnerable. I had another Lab in which i had to manipulate and debug a program in order to find a password.

Web Security (including web app vulnerabilities)

Web security is quite an important piece in cybersecurity.
This class gave me an overview of the most common vulnerabilities on the web. With this course I was able to complete my list of tools and Websites related to Web security.

I really enjoyed the practical exercises because they were divided into several stages and allowed me to progress naturally according to the level of difficulty. More precisely during these exercises I tested the vulnerabilities during authentication, SQL injection, XSS vulnerabilities and ethical hacking.

Pentesting

This course gave a good overview of the duties of the pentester.
First we discussed several elements such as technical terms, the different types of hacker, pentesting tools and methodologies.
We also worked on the methodology to follow when writing a pentesting report.
Also, I learned the techniques of malicious hackers in order to propose a good defense strategy.

Finally, all the practical exercises allowed me to get use to the tools used during pentests, analyze vulnerabilities, test web applications and put social engineering methods into practice.

A step in the workforce

At the end of the fourth day two professionals came to share their experiences in the Security Operation Center of a Ukrainian business. They described their work and the issues they had to tackle every day.

This presentation gave us an inside point view of cybersecurity professionnals.

A place of culture and full of history

The City of Lviv

Lviv is a city in western Ukraine which was founded in the 13th century but has roots since the 6th century. Needless to say it is full of history.

Opéra House of Lviv Opera House of Lviv

You’ll have many opportunies to widen your culture:

  • Go to the Opera and see a beautiful piece
  • Visit beautiful churches
  • Just walk around in the streets of the old town
  • Eat and discover local gastronomy

The city tour

Engensec organized for us an amazing city tour with historic reconstitution and actors in costums in many corners of the city.
It was very a good break from the classes and a good entertainment.
sword fight
guided tour

Why you should attend Engensec?

– The organizers are very welcoming and helpful
– You get to have social interactions with people from all over the world
– If you want high quality classes for a great value this is totally the place to go
– You get a certification in the end of the week and ECTS for a total of 60 hours
certificate example

To go further


Pour avancer dans mon défi, j’ai décidé de suivre une summer school. C’est ainsi qu’en juillet, j’ai eu l’opportunité d’assister à un programme européen de cybersécurité dans la belle ville de Lviv (Ukraine).
Ce programme a été organisé par l’Université Polytechnique Nationale de Lviv et les cours avaient lieu dans une magnifique annexe de l’Université.

view from the outside
entrance hall
corridor

De nombreux étudiants de différents pays participaient à cette semaine studieuse : Ukraine, Suède, Pologne, Pays-Bas, Luxembourg et France.

Présentation de Engensec security summer school à l’Université polytechnique nationale de Lviv.

Pourquoi une summer school ?

Une summer school est un moyen court et intensif d’acquérir rapidement des compétences et de rencontrer des gens du monde entier. Aussi, il m’a semblé important de confronter mes connaissances à des travaux pratiques en groupe pour donner une dimension interactive à mon apprentissage en auto-formation. Enfin, être accompagné par des experts en cybersécurité pendant la summer school, m’a permis de consolider les connaissances acquises durant les mois précédents.

Qu’avons-nous appris ?

Le premier jour, nous avons eu un premier exercice assez amusant. On nous a donné une liste d’équipes portant le nom d’un logiciel malveillant. Le but était de trouver nos coéquipiers à l’aide de cette liste. C’était une très bonne façon de briser la glace. Pour aller plus loin dans les interactions sociales, nous avions aussi une quête à faire en équipe pour mieux se connaître et découvrir la ville.

Les cours de qualité étaient encadrés par des professeurs de grandes universités européennes telles que la Suède, la Pologne et l’Ukraine.

Les matières abordées dans la semaine

Malware Analysis

Dans ce module nous avons abordés l’historique des ransomwares (premier ransomware: AIDS trojan 1989).
Ensuite nous avons passé en revue différents ransomwares: leur méthode d’encryption, la façon dont ils se manifestent pour l’utilisateur et pour certains comment décrypter les fichiers.

Les exercices pratiques m’ont permis de comprendre les étapes nécessaires pour analyser un malware.
Pour autant, il n’existe pas une seule façon de faire ni une méthode infaillible. Ce domaine implique une grande patience et persévérance pour laisser place aux tâtonnements et à l’expérience.

Sécurité des logiciels

Dans ce cours nous avons abordé : les erreurs de programmation dont le buffer overflow, la programmation défensive, les systèmes de contrôle de révision et les bonnes pratiques en programmation.

En ce qui concerne la partie « bonnes pratiques », j’aurais aimé avoir un cours comme celui ci lors de ma formation de développeuse. Selon moi, il est indispensable de connaître ces bonnes pratiques afin d’être en mesure de livrer des logiciels sécurisés.

L’exercice pratique sur les buffer a été vraiment utile pour comprendre comment l’erreur buffer overflow peut rendre un logiciel très vulnérable. Dans un autre exercice, il fallait manipuler et débugger un programme afin de trouver un mot de passe.

Sécurité Web (dont vulnérabilités des applications Web)

La sécurité Web est un élément essentiel de la cybersécurité. Ce cours donne un aperçu des vulnérabilités les plus courantes sur le web.
Aussi grâce à ce cours j’ai pu compléter ma liste d’outils et de sites Web relatifs à la sécurité du Web.

J’ai beaucoup apprécié les exercices pratiques car ils étaient découpés en plusieurs étapes et permettaient de progresser naturellement en fonction du niveau de difficulté. Plus précisément lors de ces exercices j’ai testé les vulnérabilités lors d’authentification, l’injection SQL, les faille XSS et le hacking éthique.

Pentesting

Ce cours donnait un bon aperçu des missions qui incombent au pentester.
Tout d’abord nous avons abordé plusieurs éléments comme les termes techniques, les définitions des profils de hackers, les outils et les méthodologies du pentesting.
Nous avons également travaillé sur la méthodologie à respecter pour la rédaction d’un rapport de pentesting.
Aussi, j’ai pris connaissances des techniques de pirates malveillants afin de proposer une bonne stratégie de défense.

Enfin, tous les exercices pratiques m’ont permis de me familiariser avec les outils utilisés lors des pentests, d’analyser des vulnérabilités, de tester des applications web et de mettre en pratique des méthodes de social engineering.

Un aperçu des opportunités d’emploi

A la fin de la quatrième journée, deux professionnels sont venus partager leur expérience dans le Security Operation Center d’une entreprise ukrainienne. Ils ont décrit leur travail et les problèmes auxquels ils étaient confrontés au quotidien.

Cette présentation était intéressante pour avoir un point de vue de professionnels de la cybersécurité.

Un lieu de culture et plein d’histoire

La ville de Lviv

Lviv est une ville de l’ouest de l’Ukraine qui a été fondée au 13ème siècle mais qui a des racines depuis le 6ème siècle. C’est donc une ville pleine d’histoire.
Opéra House of Lviv Opera de Lviv

Ainsi, vous aurez de nombreuses occasions d’élargir votre culture :

  • Aller à l’Opéra et voir une belle pièce
  • Visiter de belles églises
  • Marcher dans les rues de la vieille ville
  • Découvrir la gastronomie locale

La visite de la ville

Engensec a organisé pour nous une visite avec une reconstitution historique faite par des acteurs en costumes dans de nombreux coins de la ville.
C’était une très bonne pause des cours et un bon divertissement.
sword fight
guided tour

Pourquoi vous devriez venir à Engensec?

– Les organisateurs sont très accueillants et serviables.
– Vous aurez des interactions sociales avec des gens du monde entier.
– Si vous voulez des cours de haute qualité pour un prix abordable, c’est l’endroit idéal.
– Vous obtenez une certification en fin de semaine et des ECTS pour un total de 60 heures.
– Le programme est ouvert à tous sans condition de niveau ou d’âge.

certificate example

Pour aller plus loin