Full Report
The online qualifications round for Kaspersky Industrial CTF 2018 took place on November 23-24. Over 1,000 teams registered with 130 eventually scoring points. The top 4 teams will participate in the finals
Analysis Summary
# Industry News: Kaspersky Concludes Global Industrial CTF Qualifiers
## Summary
Kaspersky has announced the completion of the online qualification round for its 2018 Industrial Control Systems (ICS) Capture the Flag (CTF) competition. Out of over 1,000 registered global teams, 130 successfully scored points, with the top four advancing to the physical finals.
## Key Details
- **Date:** November 23-24, 2018 (Event); November 29, 2018 (Announcement)
- **Companies Involved:** Kaspersky (ICS CERT)
- **Category:** Industry Event / Cybersecurity Talent Development
## The Story
The Kaspersky Industrial CTF serves as a specialized platform designed to challenge security researchers with real-world scenarios involving industrial automation and critical infrastructure. The 2018 qualification round featured diverse challenges ranging from reverse engineering and web security to specialized ICS protocols. The high volume of registrations (1,000+ teams) underscores a growing global interest in the niche field of operational technology (OT) security. The competition is part of Kaspersky’s broader strategy to bridge the gap between traditional IT security and specialized industrial environments.
## Business Impact
### For the Companies Involved
- **Kaspersky:** Strengthens its brand as a leader in industrial cybersecurity and ICS CERT capabilities. It also serves as a pipeline for identifying top-tier global talent in the OT space.
### For Competitors
- **Competitive Landscape:** Other major players in the ICS space (e.g., Claroty, Dragos, Nozomi) face pressure to match Kaspersky’s community engagement and "thought leadership" marketing through similar hands-on technical events.
### For Customers
- **Community Trust:** For industrial enterprises, these events demonstrate that their security vendors are deeply familiar with the unique vulnerabilities of PLC, SCADA, and HMI systems, rather than just general IT threats.
### For the Market
- **Skill Gap Awareness:** The fact that only ~13% of registered teams were able to score points highlights the significant expertise gap in industrial cybersecurity compared to general cybersecurity.
## Technical Implications
The competition highlights a shift toward "Cyber-Physical" challenges. Participants were forced to deal with non-standard protocols and legacy hardware simulations, reflecting the technical complexity of modernizing security for aging industrial infrastructure.
## Strategic Analysis
- **Market Positioning:** Kaspersky is positioning itself not just as a software vendor, but as an educational and research authority in the Critical Infrastructure Protection (CIP) market.
- **Competitive Advantage:** By hosting this CTF, Kaspersky gains early access to new exploitation techniques and defensive strategies developed by the global research community.
- **Challenges:** Ongoing geopolitical tensions often complicate Russia-based Kaspersky’s reach in certain Western government sectors, making these neutral, technical-first events crucial for maintaining global industry ties.
## Industry Reactions
- **Expert Commentary:** Analysts view CTFs like this as essential for "gamifying" the complex world of OT, which is traditionally difficult for researchers to gain hands-on experience with due to the high cost and sensitivity of industrial hardware.
## Future Outlook
- **Predictions:** Expect to see these competitions integrate more "Digital Twin" technology and IoT-specific challenges as factories move toward Industry 4.0.
- **What to Watch For:** The performance of the top four teams in the physical finals, which typically involve hacking simulated industrial processes (e.g., power grids or oil refineries).
## For Security Professionals
The low success rate in point-scoring emphasizes the need for specialized training. Security practitioners should look to CTF write-ups from this event to understand the evolving attack vectors targeting industrial protocols (Modbus, S7, etc.) that are often overlooked in standard IT security certifications.