How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?


Monday, June 23, 2014

Survive Hacking at PHDays. Cyber Threats of a Common Apartment

Items and devices we use are becoming more and more convenient. Today, we have internet connection in our cars and even in certain kinds of microwaves and fridges. According to Gartner, there will be more than 26 billion intelligent home appliances while the market size will grow to 300 billion dollars by 2020.

However, few people realize that common computers with access to the internet and gadgets that make up the so-called internet of things are vulnerable to attacks. PHDays organizers created a model of a real apartment equipped with various electrical appliances and a smart home system in order to demonstrate the possible consequences of hackers' attacks. Due to an error, all devices of the apartment has gone insane and turned out to be a trial for the owner. Participants of the contest needed to release him.

Thursday, June 19, 2014

PHDays IV CTF: How It Was

Positive Hack Days IV, which was held on May 21 and 22, traditionally hosted a CTF contest. During two days, ten teams from six countries hacked rivals' networks and beat back attacks.

Positive Hack Days CTF's game infrastructure and tasks are usually designed according to a legend that adds special appeal to the contest. During the last year's CTF, participants became the saviors of the fictional world D’Errorim. As the task was solved, they realized that they were fighting on the wrong side, and now their own home is in danger. So the plotline of PHDays III CTF and PHDays IV CTF are related.

The text of the legend is available on the forum's website.

Monday, June 16, 2014

Smart City Hacked at PHDays IV

The Critical Infrastructure Attack (CIA) contest at Positive Hack Days IV has shown for the second time how weak critical infrastructure systems can be in terms of security. The participants successfully compromised various ICS systems during this two-day contest.

Last year at PHDays III, the contest was held with different name – Choo Choo Pwn. Organizers designed a transportation system controlled by real ICS hardware and software.

Tuesday, June 3, 2014

Positive Hack Days IV: There are Doors that should be Opened Carefully

The famous quote of Friedrich Nietzsche about an abyss that gazes into you became the motto of the PHDays IV forum on practical security. Participants of the annual international conference learned about cyber threats for which the civilization is unprepared: attacks performed against power and transport systems of a city, a smart home turned into a trap, and hackers emptying a virtual bank account. Various ways of survival in today's digital world were also discussed during the forum.

The recipe for PHDays is the same: minimum ads, maximum useful information, entertaining contests, informal communication, rich performances, awkward questions at round-table discussions, and an atmosphere of a research during hands-on labs.

Monday, June 2, 2014

Best Reports at PHDays IV: Surveillance, Hacking and Nation-Specific Cyberwar

Big conferences with multiple reports delivered at once seem to cooperate with the Murphy's Law — the most interesting (personally to you) sections have the same schedule time. Choose one of them — miss the others. What can you do?

As to the international forum on practical security Positive Hack Days, this problem is easy to solve — watch the report video records. It is particularly valuable for those who missed the conference. All the video files are on the website

Yet watching all the records made in all the halls during two days is an option for extremely patient people. It is far more logical to filter them by topics or authors: first, read the descriptions in the program and then choose a particular report from the video list.