International Cyber Security Summer School 2019 (ICSSS 2019)

ICSSS 2019 in The Hague

In the end of august i participated to ICSSS 2019 in The Hague (Netherlands). We had different lectures about cybersecurity in various places such as Leiden University, NCI Agency, Europol, The Hague Security Delta, Dutch innovation factory. We also had the full week to work on different challenges in groups. My challenge was about Cyber resilience for The Hague Center for Strategic Studies.

What is ICSSS 2019?

« The International Cyber Security Summer School (ICSSS) is an annual summer school, originally organised by NATO C&I Agency, Europol, the Netherlands Ministry of Defence Cyber Command, Leiden University and The Hague Security Delta. « 

Source: ICSSS website

What happened?

Day 1

Day 1 of ICSSS 2019

Useful to know about Day 1:

The ice breaker game:

The afternoon was animated by Ákos Wetters. Akos offered an app for an Ice Breaker game called SpotYet. We had to take a selfie and answer questions about ourselves. Then, the app showed us the picture of the person we had to talk to and after finding the person, we could talk about our answers or about anything else we fancied. It gave us the possibility to have one on one conversation instead of having to introduce ourselves in front of 60 other persons. Here is a map of our interconnection during the event made by SpotYet.

SpotYet interconnexions map of our ice breaker game

A blue team vs red team workshop

Scenario of red team versus blue team game

The red team versus blue team game was made by Leila Taghizadeh. The read team is suppose to hack the blue team. The red team had to explain the process they would use to hack the company. The blue team had to explain how they would protect themselves.

ICSSS Tweet about Day 1

Day 2

Day 2 of ICSSS 2019

Useful to know about Day 2:

  • The lecture of the morning by Professor Bibi Van Den Berg was a broad overview of cyberspace. The following subjects were tackled: Human error and cybersecurity incidents, Law as an incentive to prevent human error, alternative way of steering human behavior.
  • The workshop of the afternoon was made by Els de Busser. It was an exercise about NotPetya. We were divided in groups some represented the Russian and the others, the Ukrainian. We had to build an argumentation to defend the team we were in so that we could give our point of view in front of the International court of law.
ICSSS tweet about Day 2

Day 3

Day 3 at ICSSS 2019

Useful to know about Day 3:

The subject tackles in the keynotes were as follow: Introduction to the NCI Agency, Cyber Security at the NCI Agency, Career opportunities at the NCI Agency.

NCI Agency’s tweet about Day 3

Day 4

Day 4 at ICSSS 2019

Useful to know about Day 4:

  • The keynotes were made by Maia Spilman and Michael Payne.
  • In the first workshop of the afternoon we saw how to transform a Raspberry Pi into a hacking tool. It was lead by Niels Vonk and Ramon Janssen
  • In the second workshop of the afternoon we worked on a home made version of OWASP Juice shop. It was lead by Wout Debaenst and Ricardo Sanchez Marchand.
ICSSS tweet about Day 4

Day 5

Day 5 at ICSSS 2019

Useful to know about Day 5:

The subjects tackled in the morning lecture by Jarek Jakubcek were : Introduction to Europol EC3 and latest cybercrime trends and threats, Use and abuse of cryptocurrencies, Cryptocurrency investigations and strategic investigations, Blockchain, OSINT and the Europol on-the-job experience.

Europol’s tweet about Day 5

Day 6

Day 6 at ICSSS 2019

Useful to know about day 6:

The subject tackled in the keynotes of the morning were the following: short briefing on the concept of the Dutch Innovation Factory, Cyber Security activities within an international context. Also, Dr Rutger Leukfeld made a lecture about The Human factor in cybercrime and Peter Janssen presented Cybersprint.

Dutch Innovation Park’s tweet about Day 6

Summary of ICSSS 2019 in pictures

ICSSS 2019 summary in pictures

Why should you attend ICSSS ?

  • ICSSS gives a holistic point of view of cybersecurity. We had ethical hacking workshops and also tackled subjects as various as: laws, policies, cyber resilience, crypto currencies, …
  • Meet people from all over the world (this year 22 different countries). But also a great panel of different backgrounds from technical to legal.
  • The lectures were made by renowned University professors but also by experienced professionals from different fields (private and public sector).
  • Don’t hesitate to apply your motivation will lead you the way! This experience is a once in a lifetime.

To go further

Certified Secure online training

When i pre-registered for the ICSS 2018 i got access to a website called Certified Secure which is an online training website. In which you can even get some certificates.
With my account, I have temporary access to everything, even premium content.

Panel of the premium content

Panel of the premium content

User Profile

Here is what a user profile looks like screen of user profile

On the left, you have all the certifications you can get.
The panel in the middle shows what to achieve to get the selected certificate (Here the Essential Security certificate).
This is mostly quizzes, CTF, games.
To know how to answer to the quizzes or get help with games and CTF, you can watch the videos or read the provided content (cheat sheet for instance). You also have a forum in dutch (but you can translate it peacefully with Deepl ) and an irc channel with a an active community that is always willing to help.
Finally, on the right, you have the extra content (not mandatory to get a certificate).
With the arrow on the top right, you can swipe between each certificate’s content.

When you succeed and get a certificate, you can download it as PDF and you’ll have something looking like this:

Certificate for Essential Security certificate

The challenges

You have a few challenges. But don’t worry if you don’t know anything about how to achieve those they provide videos to help you out.
Some of those challenges are free other are premium.

Pros:
– This is a platform where you can learn things pretty quickly and get certificates for it.
– If you don’t want to pay you still can have access to many things.
– Fun, entertaining, engaging.
– Great helpful community.
– Even if some content and challenge are only in dutch you can still complete them with a good translator like Deepl

Cons:
– Some challenges are only in dutch
– The community forum is only in dutch

To conclude, i would recommend it because it his helpful to learn basics. Even if some challenges are only in dutch i managed with Deepl to complete them.
Like i said this training is challenging in a fun way. The challenges are well made and the tutors in the videos are really helpful.