Name: HITCON Cyber Range 2025 企業藍隊競賽
Start: 2025-07-18T10:00:00.000+08:00
End: 2025-07-18T23:59:00.000+08:00
Location: Online Event

HITCON Cyber Range：打造你的資安事件應變超能力！

這是一場專為磨練企業級「藍隊」防禦戰力而生的頂級競賽。我們精心打造了一個高度擬真的 Cyber Range 環境，模擬企業遭受複雜網路攻擊的情境。參賽隊伍將扮演資安應變團隊 (IR Team)，直接面對排山倒海的威脅告警與系統日誌，學習如何在壓力下迅速分析、追蹤攻擊來源，並採取有效的應變措施。

HITCON Cyber Range 為台灣藍隊競賽的指標性挑戰之一，這裡考驗的不只是技術深度，更是團隊合作與臨場反應的極限。透過 HITCON Cyber Range，你將：

親歷最逼真的資安事件應變流程。
磨練從蛛絲馬跡找出真相的調查技巧。
提升面對真實威脅的實戰防禦力。

準備好接受挑戰，成為企業與政府機構渴求的頂尖防禦型資安將才了嗎？快來 HITCON Cyber Range 一較高下！

辦理單位

指導單位：數位發展部數位產業署
主辦單位：社團法人台灣駭客協會 / 財團法人工業技術研究院

競賽說明

HITCON Cyber Range 競賽將分為兩大階段進行：首先是「全球線上資格賽」，接著是於臺灣舉辦的「線下決賽」。參賽隊伍須通過線上資格賽的考驗，方能取得晉級決賽的資格。

重要時程 (皆為 UTC+8 時區)

競賽報名截止：2025 年 6 月 30 日 (一) 23:59
全球線上資格賽：2025 年 7 月 18 日 (五) 10:00 - 23:59 (共 14 小時)
公告決賽入圍名單與細節：2025 年 9 月 1 日 (一)
線下決賽暨頒獎典禮：2025 年 10 月 17 日 (五)

決賽晉級規則

預計最少有 10 支隊伍 晉級決賽。
晉級名額包含：
- 5 席以上線上資格賽排名前面的國內企業隊伍。
- 2 席 F-ISAC 推薦隊伍。
- 3 席國際隊伍保留名額。

線下決賽暨頒獎典禮地點

地點：臺北文創 6 樓多功能會議廳
地址：臺北市信義區菸廠路 88 號 6 樓

聯絡方式

若有任何疑問，歡迎隨時聯繫 HITCON Cyber Range 團隊 Email: cyberrange@hitcon.org

獎勵說明

一、資格賽

凡符合報名資格並全程參與「線上資格賽」的隊伍，每隊均可獲得 HITCON Cyber Range 電子參賽證明 乙份。

二、決賽排名獎勵

晉級決賽並取得優異成績的隊伍，將獲得獎盃與獎金：

冠軍 (第一名)：團隊獎盃乙座 + 獎金 $3,000 美金 (USD)
亞軍 (第二名)：團隊獎盃乙座 + 獎金 $1,500 美金 (USD)
季軍 (第三名)：團隊獎盃乙座 + 獎金 $600 美金 (USD)

三、決賽隊伍專屬福利

所有成功晉級「線下決賽」的隊伍，皆可享有以下專屬福利：

獨家紀念品：代表榮譽與歷程的 HITCON Cyber Range 專屬紀念品。
決賽參賽證書：核發個人與企業決賽參賽證書。
隊伍成果報告：賽後提供詳細的隊伍表現分析報告，助於複盤與成長。
交流晚宴席位：提供每隊 5 位名額參與賽後交流晚宴，與資安領域專家及同好互動。

四、頒獎典禮

頒獎典禮將於線下決賽競賽環節結束後接續舉行，共同慶祝與表揚優勝隊伍。

報名相關資訊

一、報名資格

為確保競賽聚焦於提升企業內部資安防禦實務能力，參賽隊伍須符合以下資格：

團隊組成：
- 每隊選手 4 位為上限。
- 並指定 1 位擔任隊長及主要聯絡人，此人可為團隊成員或非參賽人員。
團隊要求：
- 所有成員必須隸屬於同一間企業或單位。
- 嚴格禁止跨公司／單位組隊報名。
- 本競賽不開放個人名義組隊參賽。
企業/單位資格限制：
- 報名之企業/單位，其主要核心業務不得為對外提供資安顧問、資安產品、資安代管或相關資安專業服務之廠商（即非資安 Vendor / MSSP / Consultant Firm）。競賽旨在強化非資安產業自身的防禦應變能力。
- 單一企業/單位（以統一編號或具體法人單位為準）僅限報名 1 隊代表隊。若同一企業有多個團隊有意參賽，請務必事先完成內部協調，推派出唯一代表隊伍。若系統中出現同一企業的多筆報名，主辦單位將以系統記錄中「最先完成報名程序」之隊伍作為正式參賽代表，恕不另行協調。

二、報名時程 (皆為 UTC+8 時區)

報名截止： 2025 年 6 月 30 日 (一) 23:59
資格審核結果通知：預計於 2025 年 7 月 11 日 (五) 前，以 E-MAIL 方式通知隊長。

三、報名方式

報名平台：
- 本競賽統一採網路報名。請於報名期間內，至 KKTIX 報名系統完成報名程序。
- 報名連結： hitcon.kktix.cc/events/hitcon-cyberrange-2025
審核與通知：
- 主辦單位將於報名截止後，依據上述資格條件進行審核。
- 審核結果（無論通過與否）及後續的賽前通知、注意事項等，均將透過 E-MAIL 發送給各隊隊長。

競賽方式與規則

HITCON Cyber Range 競賽旨在模擬真實的資安攻防情境，分為「線上資格賽」與「線下決賽」兩階段。

第一階段：線上資格賽 (Online Qualifiers)

核心重點：事件調查與威脅識別
- 此階段為線上進行，主要評核隊伍的資安事件調查分析能力。
- 參賽隊伍需分析主辦單位提供的多種數位證據（如網路流量、伺服器日誌、端點活動記錄等），從中挖掘駭客蹤跡、判斷真實攻擊事件，並找出關鍵的入侵指標 (Indicator of Compromise, IOC)。
建議技能：
- 熟悉常見作業系統（Windows/Linux）、網路設備（防火牆/Proxy）之日誌判讀。
- 具備閱讀與理解 SQL 查詢語法及 PowerShell Script 的能力。
- 了解駭客常用手法，能應用 MITRE ATT&CK® 框架進行分析。
進行方式：
- 形式：線上解題。
- 時間：2025 年 7 月 18 日 (五) 10:00 至 23:59 （UTC+8，共 14 小時）。
- 帳號：每隊將獲得 4 組 登入帳號，供隊員同時線上解題。
- 環境：建議使用最新版本的 Chrome 或 Edge 瀏覽器以獲得最佳體驗。
晉級決賽：
- 資格賽成績將依據解題積分與完成時間進行排名，排名前面之隊伍將晉級線下決賽。

第二階段：線下決賽 (Offline Finals)

核心重點：全方位事件應變實戰
- 此階段為實地線下競賽，旨在考驗團隊在模擬企業環境壓力下的綜合資安事件應變（Incident Response）能力。
- 任務涵蓋：從日誌分析、深入的攻擊鏈調查、到擬定並實際執行應變處置措施（如：隔離受駭主機、清除惡意程式、修補系統漏洞、強化安全設定等）。
建議團隊組成：
- 決賽挑戰多元，建議團隊成員可具備以下互補的專業背景與實作能力：
  - IT 維運與系統管理（伺服器、網路、AD/DC 管理）
  - 應用程式安全與管理
  - 資安專業技能（SOC 監控分析、事件應變 IR、數位鑑識 Forensics）
進行方式：
- 形式：於指定場地進行的實體線下競賽。
- 時間：(UTC+8) 2025 年 10 月 17 日 (五) 10:00 至 16:00。
- 地點：臺北文創 6 樓多功能會議廳 (臺北市信義區菸廠路 88 號 6 樓)。
- 詳細的決賽競賽流程、活動時間、操作環境、評分標準及注意事項，將於決賽前另行通知晉級隊伍。

重要禁止事項

為維護競賽的公平、公正性，參賽隊伍及成員務必遵守以下規定，違反者可能會被立即取消參賽或得獎資格：

禁止任何破壞競賽公平性之行為：包括但不限於隊伍之間交換、洩漏、購買或散播任何形式的解題答案 (Flag)、提示或解題方法。
禁止攻擊或干擾行為：嚴禁對競賽平台、相關基礎設施、工作人員或其他參賽隊伍進行任何形式的網路攻擊、惡意掃描、阻斷服務或未經授權的存取嘗試。
禁止一人參與多隊：每位參賽者僅能報名並代表一支隊伍參賽。

主辦單位保有最終修改、變更、活動解釋及取消本活動之權利，並保留對違規情事之最終判定權與處置權。

注意事項

請報名人員詳細閱讀以下同意書：

HITCON Cyber Range: Sharpen Your Cybersecurity Incident Response Prowess!

This is a premier competition designed specifically to train enterprise-level "Blue Team" defensive capabilities. We have meticulously crafted a highly realistic Cyber Range environment simulating scenarios where enterprises face complex cyberattacks. Participating teams will act as Incident Response (IR) Teams, directly confronting a barrage of threat alerts and system logs, learning to swiftly analyze, trace attack origins, and implement effective response measures under pressure.

HITCON Cyber Range is one of Taiwan's benchmark challenges for Blue Teams, testing not only technical depth but also the limits of teamwork and on-the-spot reaction. Through HITCON Cyber Range, you will:

Experience the most realistic cybersecurity incident response processes.
Hone investigation skills to uncover the truth from subtle clues.
Enhance practical defense capabilities against real-world threats.

Are you ready to accept the challenge and become the top-tier defensive cybersecurity professional after by enterprise and government agencies? Come compete in the HITCON Cyber Range!

Organisations

Advising Organisation: Administration for Digital Industries, Ministry of Digital Affairs
Organisers: Association of Hackers in Taiwan (HIT) / Industrial Technology Research Institute (ITRI)

Competition Description

The HITCON Cyber Range competition will proceed in two main stages: first, the Global Online Qualifiers, followed by the On-site Finals held in Taiwan. Participating teams must pass the challenges of the Online Qualifiers to be eligible for the Finals.

Important Dates (All times are UTC+8)

Registration Deadline: June 30, 2025 (Monday) 23:59
Global Online Qualifiers: July 18, 2025 (Friday) 10:00 - 23:59 (14 hours total)
Announcement of Finalists and Details: September 1, 2025 (Monday)
Offline Finals & Award Ceremony: October 17, 2025 (Friday)

Finals Qualification Rules

A minimum of 10 teams are expected to advance to the Finals.
Qualification slots include:
- Top 5 domestic corporate teams from the Online Qualifiers.
- 2 teams recommended by F-ISAC.
- 3 reserved slots for international teams.

On-site Finals & Award Ceremony Venue

Venue: Taipei New Horizon Building, 6F Function Room
Address: 6F, No. 88, Yanchang Road, Xinyi District, Taipei City, Taiwan

Contact Information

If you have any questions, please feel free to contact the HITCON Cyber Range team via Email: cyberrange@hitcon.org

Awards and Recognition

I. Qualifiers

Teams that meet the eligibility criteria and fully participate in the "Online Qualifiers" will each receive one HITCON Cyber Range digital certificate of participation.

II. Finals Ranking Awards

Teams that advance to the Finals and finish in the top-three will receive trophies and cash prizes:

Champion (1st Place): One team trophy + Prize money: USD $3,000
Runner-up (2nd Place): One team trophy + Prize money: USD $1,500
Third Place: One team trophy + Prize money: USD $600

III. Exclusive Benefits for Finalist Teams

All teams successfully advancing to the "On-site Finals" will enjoy the following exclusive benefits:

Exclusive Souvenirs: Special HITCON Cyber Range memorabilia representing honor and the journey.
Finals Participation Certificate: Issuance of individual and corporate certificates for Finals participation.
Team Performance Report: A detailed post-competition analysis report provided to aid in review and growth.
Networking Party Seats: Five (5) seats provided per team for the post-competition networking dinner to interact with cybersecurity experts and peers.

IV. Award Ceremony

The award ceremony will be held immediately following the conclusion of the Offline Finals competition segment, celebrating and recognizing the winning teams.

Registration Details

I. Eligibility Criteria

To ensure the competition focuses on enhancing practical internal cybersecurity defense capabilities within enterprises, participating teams must meet the following qualifications:

Team Composition:
- Each team may have a maximum of 4 members.
- One member must be designated as the team captain and primary contact.
- This person may be a team member or a non-participating individual.
Affiliation Requirements:
- All members must belong to the same company or organization.
- Cross-company/organization teams are strictly prohibited.
- This competition does not allow teams formed by individuals participating in a personal capacity.
Company/Organization Eligibility Restrictions:
- Enterprises/organizations registering must not have their primary core business in providing external cybersecurity consulting, cybersecurity products, managed security services, or related professional cybersecurity services (i.e., they must not be cybersecurity Vendors / MSSPs / Consultant Firms). The competition aims to enhance the defensive and response capabilities of non-cybersecurity industries themselves.
- A single enterprise/organization (based on its Tax ID number or specific legal entity) is limited to registering only one representative team. If multiple teams from the same enterprise are interested in participating, they must complete internal coordination beforehand to nominate a single representative team. If multiple registrations from the same enterprise appear in the system, the organizers will recognize the team that 'first completed the registration process' according to system records as the official participant representative. No further coordination will be undertaken by the organizers.

II. Registration Schedule (All times are UTC+8)

Registration Deadline: June 30, 2025 (Monday) 23:59
Eligibility Review Notification: Team captains will be notified of the review results via Email, expected by July 11, 2025 (Friday).

III. Registration Method

Registration Platform:
- This competition uses online registration exclusively. Please complete the registration process on the KKTIX registration system during the registration period.
- Registration Link: hitcon.kktix.cc/events/hitcon-cyberrange-2025
Review and Notification:
- The organizers will conduct eligibility reviews after the registration deadline based on the criteria mentioned above.
- Review results (regardless of approval status) and subsequent pre-competition notices, important information, etc., will all be sent via Email to each team captain.

Competition Format and Rules

HITCON Cyber Range aims to simulate realistic cybersecurity attack and defense scenarios and is divided into two stages: "Online Qualifiers" and "On-site Finals".

Stage 1: Online Qualifiers

Core Focus: Incident Investigation and Threat Identification
This stage is conducted online and primarily assesses the team's cybersecurity incident investigation and analysis capabilities.
Participating teams need to analyze various forms of digital evidence provided by the organizers (e.g., network traffic, server logs, endpoint activity records) to uncover hacker traces, identify real attack incidents, and find key Indicators of Compromise (IOCs).
Recommended Skills:
- Familiarity with log interpretation for common operating systems (Windows/Linux) and network devices (Firewall/Proxy).
- Ability to read and understand SQL query syntax and PowerShell scripts.
- Understanding of common hacker techniques and the ability to apply the MITRE ATT&CK® framework for analysis.
Procedure:
- Format: Online challenges.
- Time: July 18, 2025 (Friday) 10:00 to 23:59 (UTC+8, 14 hours total).
- Accounts: Each team will receive 4 login accounts for members to solve challenges online concurrently.
- Environment: Using the latest version of Chrome or Edge browser is recommended for the best experience.
Advancement to Finals:
- Qualifier scores will be ranked based on points earned and completion time. Top-ranking teams will advance to the On-site Finals.

Stage 2: On-site Finals

Core Focus: Comprehensive Incident Response Practice
This stage is an on-site competition designed to test the team's overall cybersecurity Incident Response (IR) capabilities under the pressure of a simulated enterprise environment.
Tasks include: Alert analysis, in-depth attack chain investigation, and formulating and actually implementing response measures (e.g., isolating compromised hosts, removing malware, patching system vulnerabilities, strengthening security settings).
Recommended Team Composition:
- The Finals challenges are diverse. It is recommended that team members possess complementary professional backgrounds and practical skills, including:
  - IT Operations and System Administration (Server, Network, AD/DC Management)
  - Application Security and Management
  - Cybersecurity Expertise (SOC Monitoring & Analysis, Incident Response IR, Digital Forensics)
Procedure:
- Format: On-site competition held at the designated venue.
- Time: (UTC+8) October 17, 2025 (Friday) 10:00 to 16:00 (UTC+8, 6 hours total).
  (Detailed competition schedule, will be notified to finalist teams before the event).
- Venue: Taipei New Horizon Building, 6F Function Room(6F, No. 88, Yanchang Road, Xinyi District, Taipei City).
Detailed procedures for the Finals competition, operating environment, scoring criteria, and important notes will be informed separately to the qualifying teams before the Finals.

Prohibited Actions

To maintain the fairness and integrity of the competition, all participating teams and members must adhere to the following rules. Violators may face immediate disqualification from participation or award eligibility:

Any action undermining the fairness of the competition is prohibited: This includes, but is not limited to, exchanging, leaking, purchasing, or disseminating solutions (Flags), hints, or solving methods in any form between teams.
Attacking or disruptive behavior is prohibited: Strictly forbidden are any forms of network attacks, malicious scanning, denial-of-service attacks, or unauthorized access attempts against the competition platform, related infrastructure, staff, or other participating teams.
Prohibition of participating in multiple teams: Each participant may only register for and represent one team.

The organizers reserve the final right to determine and act upon any violations.

Important Notes

Registrants are required to carefully read the following consent forms:

HITCON Cyber Range 2025 企業藍隊競賽