December 17, 2024
4
minutes

BlackHat MEA 2024 Recap: A Record-Breaking Cybersecurity Event

Where 1,000+ hackers made history in riyadh, exploring everything from aircraft systems to smart homes in the middle east's largest cybersecurity gathering

BlackHat MEA (Middle East and Africa), hosted in Riyadh, Saudi Arabia, is one of the largest — and fastest-growing — cybersecurity events in the world. SecurityPal team members, Deepan Khanal, Anubhav Dhakal, and Diwash Mainali. All working as Associate Security Research Analyst, were among the attendees at the 2024 event and provided a first-person account of their unforgettable experience.

BlackHat MEA (Middle East and Africa) 2024 in Riyadh, Saudi Arabia, was packed with cutting-edge innovations, opportunities for professional growth, global collaboration, and unforgettable experiences. As a qualified CTF (Capture the Flag) team from Nepal, we had the incredible opportunity to participate in an event that officially set a World Record by hosting The World’s Largest Capture The Flag Competition with over 1,000 participants. Here’s a glimpse into our journey, experience, insights, and key takeaways from this remarkable event.

Networking and building connections

The three-day event offered a fantastic platform to meet and connect with cybersecurity professionals, enthusiasts, and experts from around the world. We had the opportunity to engage with volunteers, including second- and final-year students from King Saud University, as well as individuals working in the Saudi Federation for Cybersecurity, Programming, and Drones. We met students from different universities around the world, gaining insights into how cybersecurity is being approached in various academic settings globally.

It was exciting to share our experiences in cybersecurity while learning about others’ unique journeys and how they developed an interest in this dynamic industry. It was incredible to hear their stories about the challenges they’ve faced, and their unique approaches to problem-solving. The opportunity to engage in meaningful conversations with like-minded individuals broadened our perspective and enriched our understanding and deepened our appreciation for the global cybersecurity community.

The Record-breaking CTF: A unique experience

Participating in the Capture the Flag (CTF) competition at BlackHat MEA 2024 was a defining moment of the event for me. This wasn’t just any CTF. It earned a place in history as the largest CTF ever conducted, officially breaking the world record.

Being part of such a monumental event was a tremendous honor and an experience we’ll never forget. Competing alongside top teams from around the globe, such as DiceGang, bingus, Nu1l, and Guper Suesser, was both challenging and exhilarating. Here are some highlights:

  • International Standards: This was our first time experiencing how an international CTF is conducted, and it was eye-opening. The level of professionalism, organization, and competitiveness set a new benchmark for me.
  • Challenging and Fun Problems: The CTF challenges were designed to test a wide range of skills, from reverse engineering and cryptography to web exploitation and forensics. Each day brought new sets of problems, increasing in difficulty, which pushed us to think critically and creatively. Solving these complex puzzles required teamwork, persistence, and innovative thinking.
  • Learning from Others: Over the course of three days, we had ample time to interact with other CTF players. It was inspiring to learn how they approach problems, the tools and techniques they use, and their journeys as seasoned CTF competitors. These exchanges provided valuable insights and strategies into areas where we, as a team could improve and new methods we could explore moving forward.
  • Historic Achievement: Being part of a competition that set a world record was an honor. It was a testament to the growing importance and popularity of cybersecurity in today’s world. The sense of pride and camaraderie among participants was unparalleled.

Beyond the CTF

Specialized hacking activities

While the CTF was a significant highlight, BlackHat MEA 2024 offered a variety of hands-on hacking activities that showcased practical applications and vulnerabilities in various domains. These activities were not only educational but also fascinating:

  • Airplane Hacking: This activity demonstrated vulnerabilities in modern aircraft systems, showcasing how hackers can exploit weaknesses in avionics and communication systems.
  • Critical Infrastructure Security: Experts discussed and demonstrated potential threats to critical infrastructure, such as power grids and water systems, emphasizing the need for robust defenses.
  • Hardware Hacking: This hands-on session explored the nuances of breaking into physical devices, including IoT gadgets, routers, and embedded systems.
  • Hospital Equipment Hacking: Participants uncovered vulnerabilities in medical devices, such as infusion pumps and imaging equipment, highlighting the importance of securing healthcare technology.
  • Lock Picking: This fascinating session delved into the art and science of physical security, teaching participants how to bypass locks using traditional and advanced tools.
  • Car Hacking: Demonstrations showed how modern vehicles — equipped with complex software — are susceptible to cyberattacks, from manipulating onboard systems to remote takeovers.
  • Smart Home Hacking: This activity showcased exploits in smart home devices, such as cameras, thermostats, and voice assistants, illustrating the need for consumer awareness and better security practices.

Exhibitions and competitions

The event also featured an impressive exhibition area where businesses showcased their cutting-edge products and services. It was a great opportunity to explore the latest advancements in cybersecurity technology and engage with industry leaders.

  • Exhibitors: We had insightful conversations with representatives from companies like Zscaler and HackerOne. These discussions provided a deeper understanding of their offerings and strategies for tackling modern cybersecurity challenges.
  • Bug Bounty Cup: Another exciting feature of the event was the Bug Bounty Cup, where participants demonstrated their skills by finding vulnerabilities in real-world systems. This competition highlighted the importance of responsible disclosure, practical problem-solving in securing digital environments, and collaboration between businesses and the ethical hacking community to improve cybersecurity resilience.

Takeaways from BlackHat MEA 2024

Reflecting on our time at BlackHat MEA 2024, here are some of our key takeaways:

  1. Global Collaboration: The event reinforced the value of collaboration in cybersecurity. Sharing knowledge and experiences with professionals from diverse backgrounds provided fresh perspectives.
  2. Learning and Growth: Participating in the CTF and discussing it with other players honed our technical skills and broadened our approach to problem-solving.
  3. Personal Development: We learned a lot about our strengths, such as problem-solving under pressure and teamwork, while also identifying areas where we need to improve, including time management and advanced cryptographic techniques. Key learnings included better approaches to breaking down complex problems, efficiently prioritizing challenges, and mastering new tools and methodologies for cryptography exploitation. This experience has motivated me to refine our skills and prepare for future CTF events with renewed focus.
  4. Inspiration: The sheer scale of the event and the groundbreaking ideas presented reminded me of the limitless possibilities in the field of cybersecurity.

Looking Ahead

BlackHat MEA 2024 was a transformative experience that not only celebrated the current state of cybersecurity but also hinted at its future. Being part of a historic event like this was truly rewarding, and we’re excited to bring the insights and lessons learned back to our projects. The connections made, and the knowledge gained will undoubtedly influence our journey in the field.

As we continue to grow and innovate, we’re looking forward to contributing to and participating in more such events. Until then, we’ll keep pushing the boundaries of what’s possible in cybersecurity.

No items found.
No items found.
No items found.
No items found.
Growth Team

Embracing Authenticity: A Recap of Our Stories Chapter III

Explore insights from the third edition of Our Stories which featured five internal storytellers and an inspiring guest speaker.

September 2024 Product Updates: New Slack Features, IronClad/DocuSign Integration, and more

We’re updating our SecurityPal suite of products to align with the evolving demands of modern security teams. Check out the latest.

How organizations can balance innovation and compliance

The EU AI Act impacts U.S. companies, necessitating leaders to engage in regulatory dialogues and align their operations with EU guidelines. Pukar recently shared his thoughts on the challenges of regulating AI, and how over-regulation could hinder innovation, particularly for startups and SMEs.
Resources
eBooks & Whitepapers
Case Studies
Events & Webinars
FAQs
Blog
SecurityPal Council
Company
Vision & Values
Leadership Team
SOCC
Careers
Press
Newsroom
Connect
Contact us
Call us: +1 650-503-9216
Legal & Compliance
Terms of Use
Terms of Service
Privacy Policy
DPA
Security & Assurance