Full Report
Kaspersky Lab has released the results of Kaspersky Industrial CTF 2017 qualifications, which were held online on October 6-8, 2017. This year’s tournament is truly international, with 696 teams from different countries participating in qualifications. The top three teams were, respectively, CyKor (Korea), Eat, Sleep, Pwn, Repeat (Germany) and Tokyo Westerns (Japan).
Analysis Summary
# Industry News: Kaspersky Industrial CTF 2017 Signals Rising Focus on ICS Security Talent
## Summary
Kaspersky Lab has announced the qualification results for its 2017 Industrial Capture the Flag (CTF) tournament, drawing 696 teams from across the globe. The high participation rate underscores a growing international focus on the niche technical skills required to protect Industrial Control Systems (ICS) and critical infrastructure.
## Key Details
- **Date:** October 10, 2017 (Event occurred Oct 6-8, 2017)
- **Companies Involved:** Kaspersky Lab (Kaspersky ICS CERT)
- **Category:** Industry Event / Skills Development
## The Story
The Kaspersky Industrial CTF is a specialized competition designed to test the capabilities of security researchers in environments mimicking industrial settings. Out of nearly 700 participating teams, the top three finalists emerged from South Korea (CyKor), Germany (Eat, Sleep, Pwn, Repeat), and Japan (Tokyo Westerns). Unlike standard IT-focused CTFs, this event focuses on operational technology (OT), programmable logic controllers (PLCs), and industrial protocols—areas where specialized security knowledge is historically scarce.
## Business Impact
### For the Companies Involved
- **Kaspersky Lab:** Solidifies its reputation as a thought leader in the ICS/OT space. By hosting these events, Kaspersky builds a proprietary pipeline of threat intelligence and identifies global top-tier talent for potential recruitment.
### For Competitors
- **Competitive landscape impact:** Rivals in the industrial security space (such as Nozomi Networks, Dragos, or Symantec) face pressure to match Kaspersky’s ecosystem-building efforts. Such events act as a "soft power" marketing tool to prove technical superiority.
### For Customers
- **Impact on end users:** Industrial enterprises benefit from a growing pool of vetted, highly skilled researchers who understand the unique constraints of OT environments (e.g., "no reboot" policies and legacy hardware).
### For the Market
- **Broader market implications:** The high turnout from East Asia and Europe indicates a decentralized global interest in critical infrastructure protection, moving beyond a US-centric security narrative.
## Technical Implications
The competition highlights a shift toward "hardware-in-the-loop" hacking. Security professionals are no longer just looking at software vulnerabilities but are increasingly tasked with understanding how digital exploits manifest in physical processes, such as manipulating sensor data or bypassing industrial safety systems.
## Strategic Analysis
- **Market Positioning:** Kaspersky is positioning its ICS CERT (Industrial Control Systems Cyber Emergency Response Team) as an essential global hub for industrial cyber-intelligence.
- **Competitive Advantage:** By fostering a community of nearly 700 teams, Kaspersky gains an unmatched vantage point into the current methodologies used by both "white hat" researchers and potential adversaries.
- **Challenges:** Ongoing geopolitical tensions regarding Russian-based cybersecurity firms may limit the adoption of Kaspersky’s findings in certain Western government sectors, despite the technical merit of their CTF platforms.
## Industry Reactions
- **Analyst Opinions:** Analysts view the 696-team participation as a "wake-up call" for the industry, proving that the interest in OT security has moved from a niche subfield to a mainstream security discipline.
- **Market Response:** The success of the qualifying round suggests a high demand for gamified training platforms tailored to the industrial sector.
## Future Outlook
- **Predictions:** Expect a surge in "Industrial-specific" security certifications and training modules as the skills gap in OT becomes more pronounced.
- **What to watch for:** The final round of the CTF will likely reveal brand-new zero-day vulnerabilities in common industrial hardware, which will necessitate rapid patching from OEMs (Original Equipment Manufacturers).
## For Security Professionals
Practitioners should note that the "Security by Obscurity" era for ICS is officially over. With hundreds of teams globally practicing attacks on industrial protocols, organizations must move toward proactive threat hunting and specialized OT monitoring. Proficiency in protocols like Modbus, PROFINET, and S7comm is becoming a high-value career differentiator.