Description : Context: As per the GSMA Mobile economy, there were 4.8 billion unique mobile subscribers, 1.9 billion smart phones and 7.9 billion SIM connections globally in December 2016. The mobile traffic data is expected to grow globally by a CAGR of 47% from 2016 to 2020. With ubiquitous presence of mobile in daily life, the mobile security has become paramount. There are multiple mobile security tools and apps, each having differential features but it is difficult to find single authentic app for all mobile security operations. The mobile phone has become an integral and essential part of our life and is critically necessary for us to be able to carry out our communication and connectivity for the operation of our personal or work activities. Billions of applications have been made available to enable communication, news, data sharing, time management,gaming and much more. While these apps contribute to making life easy, and available at one’s fingertips, many of theseapps have been identified as malicious. While the app hosting system, do carry out a technology check to ensure that theapp does not pose a security threat to the user, the behavior of the app may yet be uncertain. There have beennumerous instances where users have been enticed to use malicious apps, and as a result, possibly losing sensitive information. In the face of such risks, it is necessary to test apps for malicious behavior and to flag them for exclusion or deletion from hosting platforms. The challenge is to develop an app which provides risk rating to apps based on the malicious behavior and security threats. In addition, theapp is required with at least 15 features related to cyber security that consume up to 2 MB memory space and can be stored in external memory device. The preferable feature includes data leakage, access to personal information, location sharing, mobile locking, internet consumption when not in use, SMS to another mobile in case of change of SIM, identifying genuine application, etc. The solution developed using open source software will be added advantage.
Due to technology capacitation over the last few decades, every country now processes and stores information digitally, be it government secrets, military strategies or citizens’ data. The transactions and interactions that concern technology are far higher today than they have ever been which has also opened doors to newer and more advanced types of cyber-attacks. Due to heightened pervasiveness and ubiquity, a minor effect on one system drastically damages many others concurrently. So much so that even the limits of the most skilled security professionals are being pushed beyond bounds. This has given birth to a long felt need for cyber-intelligent defences and the protection of high assurance computer systems. Not just that, the threats to an ordinary citizen have also intensified along with the challenges to law enforcement bodies making it indispensable to adopt better security and response systems.
At this juncture, cyber security needs to be understood and implemented holistically regardless of an organisation’s size or scale. Computer infrastructure and networks, however closed or small they may be, are potential targets of cyber-attacks and going forward, the risks are only going to multiply given the current rate of adoption of digital technologies. This has made it imperative to be prepared and to reach a certain level of cyber-awareness. Also, to identify talent across the world that can build technologies and policies to prevent, minimise, control and recover from damages due to a cyber-attack.
With this objective of enablement and empowerment, Cyber Peace Foundation (CPF) and Policy Perspectives Foundation (PPF) in collaboration with Ministry of Electronics and Information Technology (MeiTY) and National Critical Information Infrastructure Protection Center (NCIIPC), are organizing the Global Cyber Challenge at the Global Conference on Cyber Space (GCCS), 2017.
At the outset, it has been planned that the Global Cyber Challenge will be conducted at different levels. First, an online screening round will be conducted on the MyGov portal. Then, select teams from the online round will qualify for the regional challenges which will be conducted as run-up events in line with the themes of GCCS, 2017. Several institutions across the world have been identified to act as local hosts for these challenges. Qualified teams from the regional events will participate in the grand finale which will be conducted as a side-line event during the GCCS, 2017. The aim of these events is to foster problem solving capabilities of the youth by introducing them to the real world cyber threats and to come out with technologies that can translate as effective solutions.
At the backend, these cyber challenges will serve a dual purpose: first, to identify and build a taskforce of technically competent and talented individuals who could be called as the cyber defenders and deployed for critical cyber security roles; and second, to congregate ideas, concepts and technologies to be turned into practical solutions to the cyber security issues. This will help in fostering a community of talented cyber security experts and cyber security startups to support Government of India initiatives of Secure Digital India, Start-up India, Skill India and Make in India. Creating a peaceful and harmonious Cyber Space and secure Cyber Ecosystem. We will have Talks by experts, workshops, competitions like Startup pitch, Bug Bounties, Quizzes and Hackathons.
At each stage, what will be called a cyber challenge is proposed to be an event of intensive collaboration of programmers, developers, entrepreneurs, ethical hackers and thinkers. There are two types of challenges: Global Cyber Challenge 1: Innovate Hackathon to build ideas and technological solutions based on identified themes and National Cyber Challenge 2: Capture the Flag event to test participants’ ethical hacking, forensics and IT Security skills. The Hackathon or Innovate Cyber Challenge will be based on different problem statements to which participants will render an effective solution in the form of an app/project. The Capture the Flag event on the other hand will require the participants to first qualify an eligibility test in the form of a quiz and then take up practical technical tasks spread across different domains of IT/OT Security like bug hunting, secure coding, network implementation and forensics etc.
Cyber security enthusiasts and experts from educational institutes and industries across the world will be called upon to participate in the regional cyber challenges. A cyber-challenge will be conducted partly online and partly at identified institutions across the globe. Participations in the cyber challenges will comprise of teams who will each either select a problem statement and present their ideas, research and technological solutions for the specific problem (Hackathon or Innovate event) or act in a particular capacity based on the type of challenge (Capture the Flag event). Both the types of challenges, their problem statements and technological scenarios have been framed after extensive consultation with industry experts, security observers, government officials and business stakeholders.
The participants in various cities would be qualified mentors from civil society organizations, industry bodies, academia and corporate representatives. The key objective of the project is to promote India’s cyber security skills development initiative to promote industry relevant skills and spur innovation in partnership with premier technology institutes and businesses.
A total of 80 teams each from Challenge 1 and 2 will be selected through the initial round hosted on the MyGov portal. Phase 2 of the challenges will be conducted at hosting institutes as identified. Each hosting institute will conduct the challenge for 10 teams each from Challenge 1 and 2.
The entire Global Cyber Challenge project will culminate in the grand finale at the GCCS, 2017 during which the top 10 solutions from Challenge 1 (PAN India) and top 10 winners (5 IT and 5 OT) from Challenge 2 will compete to win the Cyber Challenge Trophy.
The competition has been divided into 2 categories:
1. Global Cyber Challenge – Innovate Hackathon
2. National Cyber Challenge - Capture the flag (IT and OT)
NOTE: Shortlisted participants will be intimated via email and phone call on the further course of action on further course of actions.
Registeration Starts on: 5th October, 2017
Last Date of Submission: 25th October, 2017
A total of 80 teams from Innovate Challenge and 80 teams from the Capture the Challenge will be selected at the initial round hosted at MyGov and these teams will compete for Round 2 of the Global cyber challenge at the respective hosting institutes. Each hosting institute will then conduct the competition for 10 teams from innovate and 10 teams from capture the flag. Top 10 solutions from Innovate category (PAN India) and Top 10 winners from capture the flag will compete in the Grand finale in Delhi.
NOTE: Travel expenses will be paid ONLY for Grand finale finalists
The evaluation will be based on the evaluation framework designed in collaboration with Ministry. The evaluation panel will be comprised of stalwarts from Startup Ecosystem, Industry Leaders and Domain experts.
Key Deliverables: Product (App/Project) and 1 Presentation (Max 15 slides).