Positive Hack Days

Positive Hack Days (PHDays) is an annual international cybersecurity forum. It has been held by Positive Technologies since 2011. PHDays brings together IT and infosec experts, government officials, business representatives, students, and schoolchildren. The forum hosts talks and workshops on the most interesting information security topics, The Standoff cyberexercises, practical competitions in which participants analyze the security of industrial control systems, banking and mobile services, and web apps. ^[1]

PHDays scope and agenda can be compared to those of Black Hat, DEF CON, and Source. The forum addresses the security of government and individuals in today's cyberworld, zero-day attacks and digital investigations, cyberwarfare, and cryptography.

The forum takes place in Moscow in May. An attendance fee is required. Free tickets are available for winners of special white hacking contests and for students who participate in the Positive Education program. Presentations are given in Russian and English. ^[2]

PHDays 2011: Who Wins

The first forum was held on May 19, 2011, at a popular club in Moscow.

PHDays 2011 visitors

Talks and workshops covered such topics as government control of information security in Russia, remote banking system safety, secure connection in VoIP, protection of data in the cloud, and security of virtualization systems. The key guest speaker of the event was Dmitry Sklyarov.

During the forum, a capture the flag (CTF) competition was held among information security specialists from different countries. The US team PPP was the winner. There were other hacking contests, and during one of them a participant detected a zero-day vulnerability in Safari for Windows. ^{[3] [4]}

Among other speakers were experts from Kaspersky Lab, Russian Agricultural Bank, VimpelCom, Rostelecom, Cisco Systems, Leta IT-Company, Positive Technologies, and PwC. About 500 people attended the one-day event. ^[5]

PHDays 2012: Future Now

Alexander Peslyak (Solar Designer) at PHDays 2012

The second forum was conducted on May 30 and 31, 2012 at Digital October's center of new technologies. Along with six parallel streams of presentations and workshops, a CTF competition and several security-related contests were held again. Topics were divided into two areas: technical (exploiting radio noise, password protection, telecom security, usage of sqlmap) and business (internet banking security, data leakage in government, seeking specialists in information security). ^{[6] [7]}

The conference featured Bruce Schneier, an American cryptographer and the author of Applied Cryptography, Datuk Mohd Noor Amin (from IMPACT, UN), and the creator of the password cracking tool John the Ripper Alexander Peslyak (known as Solar Designer). ^[8]

Significant events included: demonstration of zero-day vulnerabilities in Windows XP and FreeBSD 8.3, cracking iPhone 4S using the popular application Office Plus, and contests in taking control of AR.Drone and analyzing remote banking system security. ^[9]

Young School, a competition of young scientists' research papers, took place for the first time. PHDays 2012 was attended by 2,000 people.

PHDays III: From Both Sides of the Barricade

A participant getting over the laser field of the Labyrinth

The third conference was held on May 23 and 24 at the Moscow World Trade Center. The main topics were ICS protection, web application and mobile application security, and preventing attacks against banking systems, as well as cooperation between government, researchers and information society. The lead speaker of the third forum was Marc "van Hauser" Heuse, the creator of THC-Hydra, Amap, and SuSEfirewall and the founder of The Hacker Choice. ^[10]

Significant events included a talk from SCADA Strangelove about the security of Siemens SIMATIC software, a workshop on ATM hacking, and a workshop from TOOOL (experts in nondestructive lock opening). The forum featured a model railroad controlled by real industrial systems, the security of which was to be tested by the participants, and the Labyrinth's rooms, with laser field and motion detectors (10). ^{[11] [12] [13]}

A famous hacker George Hotz (geohot) participated in the CTF contest as a member of PPP. He was the first to unlock the iPhone to use it with other providers besides AT&T. George Hotz also won 2drunk2hack, a contest where participants hack web applications and must finish an alcoholic beverage when they fail. ^[14]

Anatoly Katyushin, a student from Samara nicknamed "heartless," won a $natch contest in which participants tested the security of remote banking systems: he hacked a remote banking system and stole 4,900 rubles. ^[15]

The Russian politician Vladimir Zhirinovsky took part in a discussion about encouraging information security specialists to work within legal boundaries. ^[16]

Over 2,000 people visited the event. ^[17]

A movie about preparation for the forum was released in 2013. ^[18]

PHDays IV: IT Gazes You

A model railroad connected to real SCADA systems

The forum took place on May 21 and 22, 2014 at Digital October's center of new technologies in Moscow. Among the main topics were cyberwarfare, IoT, protection of ICS and critical infrastructure components, internet banking system security, and regulation of the information security industry. ^[19]

Alisa Shevchenko detected several zero-day vulnerabilities in Indusoft Web Studio 7.1 during a contest in analyzing ICS security, and won the 1st place in the contest. Other major events included a contest in identifying threats of a smart home, discussion of the security of telecommunications companies, and the lack of really "smart" grids in the power industry. In addition, the participants of information security contests managed to withdraw money from virtual accounts in a remote banking system created specially for the competition and containing typical vulnerabilities of banking systems. ^[20]

The forum saw over 2,500 attendees from around the globe. ^[21]

PHDays 2015: Entering a singularity

The forum took place on May 26 and 27, 2015, at the Moscow World Trade Center. The main topics were security of critical information systems, fraud management, cybercrimes, and incident investigation. ^[21]

Specially introduced at this forum was a new format of CTF games. The teams competed in a fictional state that had its own corporations, banks, stock exchanges, media, and infrastructure. The hacker teams had to complete tasks to earn points: for example, hacking the infrastructure of an energy company whose shares were listed on a stock exchange to give an advantage to industry insiders. ^[21]

There was a contest to break into a real IEC 61850 electrical substation. During the contest, participants managed to temporarily disrupt the organizers' information infrastructure six times, while twice they managed to disconnect consumers from the power grid, and discovered one zero-day vulnerability. ^[22]

PHDays 2015 also hosted a competition organized by Almaz Capital investment fund to identify photo manipulation. The winner was SMTDP Tech. The prize fund was 1.5 million rubles. ^[23]

Over 3,500 people visited the event. ^[24]

PHDays 2016: The Standoff

The forum took place on May 17 and 18, 2016, at the Moscow World Trade Center. The topics included protection of cloud computing and virtual infrastructure, business applications and ERP systems, prevention of zero-day attacks, and security of industrial control systems and communication networks. ^[25]

The main theme was a battle between attackers and defenders: the organizers prepared a game, which was a confrontation between the attacker teams (hackers) and the defender teams (SOC employees) on a cyberrange with a mock-up city (City F). ^[26]

In one competition, a teenager from Moscow was able to break into an electrical substation. ^[27]

Over two days, 4,200 people visited the forum. ^[25]

PHDays 2017: Enemy Inside

Enemy Inside was held on May 23–24, 2017 at the World Trade Center in Moscow, Russia. The key themes of the forum were the IoT, the combination of the IoT and SCADA, development of security products, and SSDL approaches. ^[28]

The main competition of the forum was The Standoff. The participants competed at a cyberrange with a fictional megalopolis that had companies with offices, telecom operators, railroads, a CHP, many IoT devices, and other objects. ^[29]

Patrick Wardle, a former NSA and NASA officer, presented a technical review of a new macOS malware. Positive Technologies specialists Kirill Puzankov, Sergey Mashukov, and Pavel Novikov spoke about the insecurity of cellular networks. Andrey Masalovich talked about methods of hacking popular websites and systems by using bots. ^[30]

Nearly 5,000 people attended the forum. ^[31]

PHDays 2018: Digital Bet

The forum was held in the Moscow in World Trade Center on 15 and 16 May, 2018. Top topics included the role of government and regulators in the economy digitalization, the digital wave in finance, security of critical information infrastructure, security risk management, and physical security. ^[32]

PHDays 8 speakers included Ilfak Guilfanov, the creator of IDA Pro disassembler and Hex-Rays decompiler, and Fernando Gont, a security researcher at SI6 Networks. ^[33]

The Standoff, a cyberbattle between teams of attackers, defenders, and security operations centers, took place at the forum. The battleground was a fictional city whose economy was built on digital technologies. The cyberrange emulated city infrastructure. The Standoff ended in a draw. ^[34]

In addition, PHDays hosted other hacker competitions: participants hacked into surveillance cameras, smart electric meters, and remote banking systems. The American channel ABC News broadcast a video about the forum. ^[35]

For the first time, PHDays hosted Positive Hard Days, an IT music festival featuring six bands. ^[32]

Over 5,000 people were at the event. ^[36]

PHDays 2019: Breaking the Constant

PHDays 9 was held on May 21–22, 2019, in Moscow at the Crocus Expo International Exhibition Center. It included over 100 presentations and workshops by Russian and foreign information security experts and IT business representatives. The keynote speaker was German security researcher Carsten Knoll. The forum hosted hacking and data protection competitions, including The Standoff, a cyberbattle between attackers and defenders. ^{[37] [38] [39]}

The best attacker teams from PHDays 9 received an invitation to the contest finals at the HITB+ CyberWeek conference in Abu Dhabi, which took place on October 12–17, 2019. For the first time at PHDays, with the support of FinCERT (Bank of Russia) and CODDY (a programming school), a children's track was held, The Standoff Kids. Young guests aged 8 to 13 were introduced to the basics of cyberliteracy, as well as information and financial security. ^[40]

On the second day of the forum, the final stage of the Positive Wave music IT festival took place. The winner was the band Raev Clan, and the People's Choice Award went to the band Of Titans and Men. ^[41]

Positive Hack Days 9 brought together over 8,000 attendees. ^[42]

The Standoff

In 2020, PHDays was cancelled because of the coronavirus pandemic. However, in November 2020, the organizers isolated The Standoff (cyberexercises held at PHDays) from the forum, making it a separate event during which an online conference took place. The main theme of the event was digital threat modeling. For this purpose, an entire cyberrange was created that included the model of a virtual city with control systems that mimicked the same systems of real power substations, oil refineries, and the infrastructure of modern cities. ^[43]

PHDays 2021: The Origin

PHDays 10 was held on May 20 and 21, 2021, at the Moscow World Trade Center. Its main topic was the increase of digitalization during the pandemic and the need to review the existing cybersecurity approaches. Maxut Shadayev, Minister of Digital Development, Communications, and Mass Media of the Russian Federation, took part in the forum's plenary session. ^[44]

The attackers had to trigger business-critical events at The Standoff cyberbattle. These included specific events that threaten a particular enterprise and could lead to unacceptable consequences for the enterprise. For example, the attackers had to halt the supply of gas, cause electricity failure, or design a railway crash. 33 unique business-critical events were triggered at the cyberrange—54% of the total number of risks listed in the competition program. The attacker teams submitted a total of 84 reports of successful task completion to the jury. ^[45]

PHDays 10 brought together 2,500 people. ^[46]

PHDays 2022: INdependence

PHDays 11 was held on May 18 and 19, 2022 at the Moscow World Trade Center. Its main theme was independence from imports in the field of information security and preservation of digital sovereignty. The program included about 100 reports, sections, and round tables, in which more than 250 speakers took part. The forum featured The Standoff 365 Bug Bounty platform. There were events dedicated to cybersecurity investments, traditional competitions, Positive Wave and HackerToon creative festivals, the finals of the first All-Russian open source project contest, and the NFT kidnapping contest. ^{[47] [48]}

Over 100 guests visited the live broadcast studio, including Russian Minister of Digital Development, Telecommunications, and Mass Media Maxut Shadaev and official spokesperson of the Russian Foreign Ministry Maria Zakharova. ^[49]

Spectators and participants of The Standoff cyberbattle witnessed the butterfly effect: they saw how an unacceptable event in one industry can affect other industries. ^[50]

PHDays 11 became the most attended event yet: 8,700 people visited the forum venue at the Moscow World Trade Center. ^[51]

Features

In addition to technical presentations, workshops, contests, and discussions on the IT industry regulation and business development, PHDays hosts a large number of activities aimed at creating a free cyberpunk atmosphere. ^[52]

Famous rock bands, such as Smyslovye Gallyutsinatsii, Neschastny Sluchai, and Undervud have performed at the forum's closing ceremony throughout the years. In 2014, cyberpunk films were shown at the forum at night, and during the break between presentations there was an audio show called "Model for Assembly." ^[21]

In 2018, the Positive Hard Days music festival was added to the forum's program. ^[32]

In 2019, the leader of Smyslovye Gallyutsinatsii Sergey Bobunets and music columnist for Kommersant newspaper and music producer Boris Barabanov joined the jury of the contest (renamed Positive Wave).

Six teams took part at the 2022 Positive Wave finals at PHDays 2022. The Serious Men (SIBUR Digital) won the contest and received a check for 100,000 rubles and certificates for tuition at the Musical Wave school. ^[53]

References

1. "PHDays — Positive Hack Days. CTF". Phdays.com. Retrieved 16 December 2014.
2. "Теперь вузы — участники программы Positive Education смогут использовать MaxPatrol для обучения".
3. ":: Plaid Parliament of Pwning ::". Ppp.cylab.cmu.edu. Archived from the original on 17 December 2014. Retrieved 16 December 2014.
4. "НА КОНКУРСЕ ХАКЕРОВ «CTF-ФРИСТАЙЛЕР» В МОСКВЕ ПОБЕДИЛА КОМАНДА ИЗ США".
5. "Positive Research Center". Blog.ptsecurity.com. Retrieved 16 December 2014.
6. "Digital October". Digital October. Retrieved 16 December 2014.
7. "Завершился Positive Hack Days 2012 - хакеры взломали планету".
8. "Positive HackDays 2012: итоги первого дня форума по ИБ".
9. "ОТГРЕМЕЛ POSITIVE HACK DAYS 2012: ХАКЕРЫ ВЗЛОМАЛИ ПЛАНЕТУ".
10. "About WTC Moscow". Wtcmoscow.ru. Retrieved 16 December 2014.
11. "Positive Hack Days". Blog.phdays.com. Retrieved 16 December 2021.
12. "Positive Hack Days". Blog.phdays.com. Retrieved 16 December 2014.
13. "SCADA Strange Love". Scadastrangelove.org. Archived from the original on 31 December 2012. Retrieved 16 December 2014.
14. "Forum Helps Hackers to Obey Law - Business". The Moscow Times. Retrieved 16 December 2014.
15. "Студент из Самары победил в конкурсе по взлому банковских систем".
16. "Переходи на светлую сторону".
17. "В Москве прошел форум по практической информационной безопасности PHDays III".
18. "PHDAYS III: ПО ОБЕ СТОРОНЫ БАРРИКАД".
19. "Schneider Electric поблагодарила победительницу хакерского конкурса PHDays Алису Шевченко".
20. "PHDays 2014: хакеры взломали систему интернет-банкинга".
21. "Итоги форума Positive Hack Days IV: есть двери, открывать которые надо осторожно".
22. "Сломать цифровую подстанцию оказалось не так-то просто".
23. "Positive Technologies анонсировала даты шестого международного форума по практической безопасности PHDays".
24. "В Москве завершился V международный форум Positive Hack Days".
25. "Positive Hack Days 2016 подвел итоги".
26. "Команда «АСТ» защитила городской банк в рамках соревнований «CityF: Противостояние»".
27. "Московский десятиклассник взломал электрическую подстанцию небольшого города на PHDays".
28. "Эксперты Positive Technologies прогнозируют рост угроз интернета вещей".
29. "Positive Hack Days — угрозы повсюду, а враг внутри".
30. "На PHDays продемонстрировали, что «кибер» ─ это реальность".
31. "В Москве прошел форум по кибербезопасности Positive Hack Days".
32. "Positive Hack Days 8: Digital Bet".
33. "Автор дизассемблера IDA Pro выступит на PHDays 8".
34. "Positive Hack Days 2018 в Москве: как это было".
35. "Inside one of the largest hacking conferences in Russia".
36. "Форум Positive Hack Days 9 состоится 21 и 22 мая в «Крокус Экспо»".
37. "Открылся ежегодный форум по практической информационной безопасности Positive Hack Days".
38. "«Основное внимание здесь уделяют практическим основам IT-безопасности»".
39. "Специалисты «Инфосистемы джет» одержали победу среди команд защитников в The Standoff на Positive Hack Days 9".
40. "The winners of The Standoff cyber battle at PHDays automatically qualified for HITB CyberWeek".
41. "Школа программирования для детей CODDY стала партнером международного форума".
42. "Девять лет позитива. Positive Technologies провела свое флагманское мероприятие".
43. "Крупнейший киберполигон The Standoff".
44. "Как защитить ребёнка от киберугроз".
45. "PHDays The Origin: На киберполигоне The Standoff показали реализацию неприемлемых бизнес-рисков".
46. "Нападай и защищай: как на киберполигоне The Standoff обрушили работу целого города".
47. "Positive Technologies наняла сотни хакеров для защиты российских компаний".
48. "Positive Hack Days 11".
49. "Российское ПО со временем способно вытеснить импортное".
50. "Рынку кибербезопасности в России прогнозируют небывалый взлет".
51. "Завершился форум по практической безопасности PHDays 11".
52. "Positive Hack Days". Blog.phdays.com. Retrieved 16 December 2014.
53. "Positive Wave 2022".

External links

• Official website