VolgaCTF is an international competition the final round of which is hosted in Samara with support of Samara State University and the Information Technologies and Communications Department of the Samara Oblast.
In 2019, the competition’s final round was attended by 23 teams, including eight international ones from Hungary, Austria, Vietnam, Taiwan, Estonia and Portugal. The first place went to the team LC↯BC, representing ITMO University.
This isn’t your first competition in this field. What do you make of it?
Vlad Roskov, captain of LC↯BC: I would rather call VolgaCTF a national event because there was no strong competition on the part of the international teams present. On the whole, this wasn’t a bad experience: the tasks and the game itself were amazing, but I found the organization side somewhat lacking. For example, they indicated a different team’s name on our certificates and gave us a cheap souvenir as the main prize.
Maksim Prokopovich, captain of Kappa: Personally, I liked everything: the tasks were interesting, and we didn’t encounter any organizational problems. We’ve heard about this competition before but weren’t sure as to how good it really was, but now we know that on the whole, it’s worth participating in if only because of the tasks features.
The path to sports hacking
How long have you been doing sports hacking and participating in competitions?
Vlad: I first about CTF competitions some ten years ago, when I was just applying to ITMO University. On September 1, senior year students gathered us all together to give us some advice. And it was at this meeting that they told us that they were just starting to participate in hacking competitions. Many of us present got really impressed by this, and the first meet-up for CTF enthusiasts was attended by all the people in our year, but eventually, only a few people actually stuck up with this activity, myself included. The senior-year students were already playing as the team CIT, named after our department, but took on a much more fun and fruity name Leet More in winter that year. In 2011, it became one of the best teams in Russia. Later, in 2012, the team united with Chelyabinsk-based team Smoked Chicken and took the top-1 place based on the year’s results. In 2016, we were joined by another team, BalalaikaCr3w, and that was how LC↯BC came together. That very year, we also launched our SPbCTF meeting, started to bring together everyone interested and organize workshops, small competitions, exchange tips and tricks.
Maksim: I discovered sports hacking at the university: I studied at St. Petersburg Electrotechnical University “LETI”, and the head of my educational program told me about the SPbCTF project and said that they taught practical security there. I came to the first meet-up in 2016; the tasks were pretty challenging but I really enjoyed it. Our team formed a year ago when we started training in the Attack-defence format. At SPbCTF, they used to split us into different teams for each competition, but after a while, there formed a group of participants who wanted to join forces and play together. This is how our team Kappa was made.
How many people are there in the teams?
Vlad: From three to seven people, if we’re talking about competitions. And about ten, if the competition is held online. In total, there are about 60 people in our club, but they never participate in one competition.
How do you train?
Maksim: Since our team was formed at SPbCTF, most of the time we trained there. They organized both training sessions and some small-scale competitions for the members of the club. Now we train when participating in the competitions.
What does participation in CTF give you?
Vlad: When I was a university student, it gave me practice and training. The thing is that the educational program in information security is not particularly practice-oriented; they don’t teach you to solve real-life tasks. And this is where CTF competitions came in very handy, as they really helped me boost my skills. Now it’s more of a fun activity for me, something you can do with friends. And sometimes there are cool prizes, too; for example, last year in China, we received $100,000 for the first place at RealWorld CTF.
Maksim: Participating in such competitions, you can gain the necessary experience, as well as establish lots of useful connections that come in handy in your future career. And it’s also about professional development because we work in the field of information security and you always want to keep abreast of the latest developments and advances in the field.
New season of SPbCTF
In what way will the new season be different from the previous one?
This year, mentoring the newcomers will be our most experienced participants from the Kappa, fargate, GOST in the shell, and Red Cadets teams. The season will be for beginners only. It will be split into several short seasons lasting for 4-6 weeks, each covering a certain category. Our goal here is to teach our students to solve simple tasks at competitions upon the end of the season. The training sessions will still be very practice-oriented, and when we get through the basics, we will divide students into teams and make them compete among themselves.
How many people are you expecting to participate in the next season?
Vlad: Some 200 people came to the first meeting of the previous season, but some of them left because they found the tasks too challenging. Eventually, about 40% stayed, but I think that it’s a pretty good result. The previous season focused on the attack-defense format of CTF. As a result, a total of three ITMO University teams made it to the final round of the RuCTF 2019 international competition. Over 500 people applied for participation this year, and this is why we launched a competition, to choose the most talented and motivated students.
Who is invited to participate in the competition for the next season?
Vlad: Anyone interested in information security.
Maksim: You don’t necessarily have to be an information security student. It doesn’t matter what program or university you’re studying at, all you need is interest in the field of IT.
Vlad: I would add that we’re waiting for curious people: those who are interested in assembling and disassemble different IT systems to find out how these operate.