The small town of Hamar, in Norway, is hosting the European Cybersecurity Challenge (ECSC), a sort of European Cup for this field of activity, on Tuesday October 24. And like every year since 2018, France is participating in these four days of competition with its own team, made up of ten competitors and four replacements selected by the National Information Systems Security Agency (Anssi). “Last year we were third in the ranking. This year we hope to do as well if not better”enthuses Jérémy Jean, Anssi agent in charge of coaching the candidates.
Organized since 2014, the ECSC is one of the latest avatars of a discipline that has existed since the 1990s in the world of cybersecurity: “Capture the Flag” (CTF). Popularized in particular within large gatherings of hackers, such as DefCon in Las Vegas, this type of tournament also thrives online in a dematerialized version. “Participants will have to solve challenges created specifically for the occasion, such as hacking a website via a security breach to become an administratorexplains Cypelf, engineering student and member of the French team participating this year in the ECSC. The objective is often to recover a string of characters, the “flag”, accessible only by solving the test and which shows that we have succeeded. »
“These are tests which are inspired by what we see in reality, even if there are sometimes slightly more artificial scenarios, summarizes Jérémy Jean about the challenges designed by Anssi as part of the France Cybersecurity Challenge (FCSC), which makes it possible to select those who represent France at the ECSC. The goal is always for participants to learn something from the challenge. » This type of competition can take place online or during a physical gathering, in teams or individually, and in sometimes different ways depending on the themes addressed, as shown by the variety of events listed by the CTF Time website. Participants meet at trade shows or on platforms like Root Me, which offers training events and a community to help newcomers to the discipline.
“Common codes with e-sport”
Some companies even have “official” teams in their colors, like Ace Of Spades, made up of employees of the cybersecurity company Capgemini. However, if these are indeed matches behind computers, we cannot really talk about e-sport. “There are sometimes common codes with e-sport, but there is generally nothing to show and the discipline has little interest as a spectacle”recognizes Cypelf. “And the competitive aspect often takes a back seat: the majority of people are rather enthusiasts who will want to share with other teams to understand how others solved the challenges. »
You have 42.96% of this article left to read. The rest is reserved for subscribers.