The top regional cybersecurity and hacking conference, DefCamp 2024, which took place in Bucharest from November 28 to 29, brought to light the intricacy of contemporary digital challenges and the creative ways to overcome them in a world that is becoming more digitalized, where borders are blurring and online influence can destabilize nations.
In addition to showcasing the promise and vulnerabilities of developing technologies, the conference, which was attended by more than 2,000 experts and professionals from around the globe, addressed situations in which attackers could use artificial intelligence for nefarious purposes.
The event was marked by a real-life incident that tested the vigilance of the security team: a group of Russian hackers attempted to compromise the conference website and infrastructure during the event. The attack, which was quickly neutralized in real time, demonstrated not only the sophistication of today’s digital threats but also the critical importance of collaboration, innovation, and continuous preparedness in the field of cybersecurity.
“The coordinated attack on the DefCamp 2024 website by the Russian hacker group NoName057(16) is a clear demonstration of the growing regional importance of the conference and the relevance of the issues we are addressing. It’s highly likely that this incident was triggered by one of our speakers preparing to give a presentation on the group’s activities. Despite the additional challenges posed by the current geopolitical context and the timing with the Romanian elections, our team of specialists quickly neutralized the attack with no damage or disruption to the event,” said Andrei Avădănei, the founder of DefCamp.
Remarkable Evolution
The infosec community continues to grow year on year, bringing together professionals from 720 public, private, and academic organizations at DefCamp 2024. Nearly half of this year’s attendees were returning, confirming the conference’s reputation as a reference point for industry professionals. With over 30% of attendees in security engineering or software engineering roles, the level of expertise was exceptionally high.
“DefCamp has evolved remarkably in recent years, both in terms of scale and the quality of the content and experiences on offer. The 2024 edition has successfully demonstrated what a strong and well-connected cybersecurity community can achieve: valuable knowledge exchange, stimulating discussions with real impact, and a dynamic atmosphere that encourages collaboration and innovation. These results motivate us to look even more boldly to the future. In 2025, we want to take the whole experience to the next level. We want to strengthen the bonds between industry professionals, bring the most relevant and forward-thinking insights to the forefront, and expand DefCamp’s impact. Our goal is to continue to be a central platform for education, the exchange of ideas, and collaboration, not only in the region but also on the international stage, strengthening DefCamp’s position as a catalyst for innovation and development in cybersecurity,” points out Andrei Avădănei.
The 60 speakers on the DefCamp 2024 stage highlighted the need for cyber risk awareness, ongoing security training, and accountability for those involved in the digital ecosystem. Strict access control to sensitive systems and preparedness against social engineering tactics were identified as top priorities, while security-by-obscurity approaches are considered insufficient in the current threat landscape.
Emerging technologies such as artificial intelligence and quantum computing bring both opportunities and challenges, increasing the pressure to adopt adaptive security measures. Risks associated with cloud resources, such as massive exploits that can compromise AWS accounts without targeted attacks, were also discussed. Persistent vulnerabilities in public cloud resources highlight the urgent need for improvements and more effective solutions.
“Minimizing the Attack Surface”
Cybersecurity experts underlined that an effective defense strategy, applicable to both IT and OT networks, must include minimizing the attack surface, securing data transfers, and implementing advanced threat prevention measures. They also emphasized the need to focus on vulnerabilities rather than traditional security perimeters. In addition, organizations were advised to prioritize measures such as implementing multi-factor authentication and strict access control to sensitive systems to mitigate risk.
Continuous monitoring of network activity, coupled with regular updating of systems and software, goes a long way towards preventing the exploitation of known vulnerabilities. Investing in employee training and awareness programs is essential, as social engineering attacks remain among the most common. In addition, developing a robust incident response plan and conducting regular drills will help organizations be better prepared for potential attacks.
The steady evolution of DefCamp and its significant impact in the field of cybersecurity have strengthened the confidence of our partners, who actively support the conference and the community.
“Secureworks is proud to have been a long-standing partner of DefCamp, witnessing its incredible evolution into the largest cybersecurity conference in Central and Eastern Europe. Over the years, the event has not only grown in scale (to 2200 attendants this year!) but has also fostered a more skilled and united cybersecurity community. It’s been inspiring to see how DefCamp continues to elevate the field, equipping professionals with the knowledge and tools to tackle emerging digital threats,” Mihai Oprea, Senior Manager Cybersecurity, Secureworks, mentioned.
Testing Participants Skills
On the practical and competitive side, 18 Hacking Village educational activities, hosted on the CyberEDU technical education platform, allowed participants to test their skills in an applied environment, not only to hone their technical expertise but also to contribute to the development of an informed and empowered community.
The largest competition, DefCamp Capture the Flag (D-CTF), attracted nearly 800 teams this year—30% more than in 2023—from 92 countries. Of these, 16 teams qualified for the final round, which took place live on 28 November. First place went to Hackemus Papam from the Vatican, second to The Few Chosen, a local team that also won the ‘Best Romanian Team’ award, and third to Wreck the Line, an international team with members from Romania.
DefCamp 2024 also gave attendees the opportunity to make a real difference and directly impact the lives of those in need. With the support of local authorities, the Trace Labs OSINT Search Party CTF competition provided a unique experience where teams of ethical hackers used open-source intelligence (OSINT) techniques to help find missing people. This Capture the Flag (CTF) competition was not just a cybersecurity exercise or a technical challenge but a real mission. The 45 participants analyzed 8 cases, 5 of which uncovered new information to help local authorities find missing persons—a record result in the history of Trace Labs competitions.
The DefCamp 2024 event was organized by the Romanian Association of Computer Security Research Centers (CCSIR), powered by Orange Romania. The conference is supported by Data Core Systems and Secureworks as Platinum Partners; Adobe, OPSWAT, Booking Holdings, Keysight Romania, and Bit Sentinel as Gold Partners; Pentest-Tools.com and KPMG as Silver Partners; and CyberEDU.