In September we headed to BSides Canberra 2024, hosted at the National Convention Centre. Once again it was a packed event that brought together cybersecurity enthusiasts from across Australia and beyond. Known for its diverse range of activities, the conference offered everything from advanced talks to hands-on labs, interactive villages, and of course, the ever-popular Capture the Flag (CTF) competition.
Regardless of where you are in your cyber career, BSides has something for everyone. The Main Track stage opened with keynote speaker Valentina Palmiotti speaking on “The Exploit Development Life Cycle: From Concept to Compromise,” diving deep into the nuances of exploit creation and the steps from concept through execution. Then later, there was a practical session titled “How to Land Your First Job in Cybersecurity,” led by Jatin Kumar, covering actionable steps for new cybersecurity professionals.
The ever-popular Hardware Hacking Village provided a hands-on area where attendees could assemble custom badges. However, the highlight for many was the BlackBag Challenge, an immersive blend of hacking, espionage, and physical security. This ‘blind’ challenge led our Tech Team through a series of increasingly difficult tasks scattered around the conference centre, culminating in an attempt to breach a secured “server room.” Under the hacker name IAAsengard, the team came close to entering the server room, but there was a huge queue, so they chose to focus on the CyBears Capture the Flag (CTF) competition instead.
This time’s CTF was a fantasy-themed cybersecurity quest, testing skills in cryptography, reverse engineering, and web security. The event buzzed with quiet intensity as teams worked through the puzzles, whispering to avoid tipping off competitors, with the occasional chase after a roaming “spy” who held clues to one of the challenges. This year our Tech Team finished in an impressive 26th place out of 198 teams.
All-in-all, BSides Canberra 2024 successfully combined the thrill of technical challenges with opportunities for skill-building and networking, leaving attendees eager for next year’s event. For IAAsengard, it was an experience full of learning, testing skills, and sharing their expertise within the global cybersecurity community.
