Global Cybersecurity Camp 2025
Global Cybersecurity Camp 2025
On 9-15 February 2025, I represented Singapore in the Global Cybersecurity Camp (GCC) 2025 held in Taoyuan, Taiwan.
Overview
GCC is an annual 1-week international cybersecurity training programme where around 50 students from various countries come together to deepen their knowledge in cybersecurity and build lifelong friendships.
This year, I am very honoured to have been selected for this, along with 4 other Singaporean students, Davis, Jun Hong, Yoon Yik, and Ezann, under the member organisation, Division Zero.
The programme consisted of a series of lectures and a group project, and our schedule looked something like this:
This blog post will walk you through my experience at GCC 2025!
Day 0 (8-9 February)
The Singapore team met at Changi Airport at 10pm on 8 February for our 1am flight to Taiwan. I was quite nervous and excited!
We landed at Taoyuan International Airport at 5am+, and headed to Taipei to explore the city before GCC started.
We had some food at 阜杭豆漿 (Fuhang Soy Milk) after queuing for an hour, then got some coffee. We also visited the Huashan 1914 Creative Park, and had even more food :D
Afterwards, we headed back to Taoyuan, where we checked into our hotel and started preparing some gifts from Singapore for the other participants (if you’re from GCC and reading this, hope you enjoyed the little taste of SG!).
We then had our ice-breaking session with the other participants over dinner and a short introduction of ourselves. During this session, I got to meet many new friends, and heard about their impressive backgrounds in cybersecurity.
Day 1 (10 February)
On day 1, we had the opening ceremony, where we had a keynote on AI and cybersecurity by Dr Benson Wu. It was also where I first met my extremely talented groupmates, Sarin (India), Teodora (Romania), Eric (Korea), Nelson (Malaysia), and Farhan (Indonesia).
We had an introduction to the various group projects, which were on the topics of Quantum Security, SSO Tracker, Robot Security and AI-based ICS Incident Investigation System. My group was assigned the quantum security project.
Afterwhich, we had our first lecture on threat modelling by Donavan Cheah, touching on threat modelling principles, methodologies, and tools, with hands-on exercises with OWASP Threat Dragon. It was a great session that complemented my prior GRC knowledge from school.
Our next class was on writing a code sanitiser by Mikihito Matsuura, where we modified chibicc, a small C compiler, to add code sanitisation features to prevent vulnerabilities like OOB writes and double frees. It was an insightful session that gave me a better understanding of how code sanitisation works.
Day 2 (11 February)
Day 2 was a full day—8 hours of a Reverse Engineering Malware in C++ with IDA and Semi-Automated Scripts by Hiroshi Suzuki and Naoki Takayama. This session dived deep into identifying functions, classes, inheritance, etc., in malware with IDA, and also consisted of a CTF challenge. Quite happy to get 7th place in the CTF despite being pretty new to RE!
After the session, I had hotpot with Davis, Jun Hong, Ezann and Teodora at a nearby restaurant. I got the milk broth, which was interesting- it was sweet and creamy. My group then went back to the hotel to work on our project, where we discussed the direction of our project.
Day 3 (12 February)
Day 3 started with a class on OT security and attacks by Vic Huang and Sol Yang. We learnt about the differences of IT and OT, and various attacks on OT systems. It was an interesting class that introduced me to the world of OT security. Afterwards, we had a class on Detection Engineering with Threat Intelligence by Tomohisa Ishikawa, going through different types of threat intelligence and its data sources, as well as some hands-on exercises with YARA and SIGMA rules. I had some good discussions with my groupmates throughout the sessions, helping us get closer!
During lunch, I headed out with other participants to get Subway, and had a good chat with them.
The day ended with an industry session where we heard from various companies including our sponsors. I learnt quite a bit about the different companies, their offerings and their innovative solutions.
At night, we finally managed to get a basic working prototype of our project (a quantum casino that utilises quantum mechanics for fairness and anti-cheat measures), and continued to discuss and research on our quantum project.
Day 4 (13 February)
On day 4, we had a class on modern kernel exploitation by Cherie-Anne Lee, where we learnt about modern kernel pwn techniques like dirtycred and USMA. This was a challenging class that pushed me out of my comfort zone, but I managed to learn a lot from it. Afterwards, we had a class by Kamel Ghali on an introduction to automotive cybersecurity and car hacking, which exposed me to bluetooth and automotive security. We also had hands-on CTF challenges where we played with some hardware! I had a great time with the CTF, and managed to first blood one of the challenges with my groupmate, Farhan :D
Those were the last classes of the camp, and we headed back to the hotel to work on our project after class. We finally got the full application working with better UI and features, and started preparing for our presentation. We stayed up till 2-3am to finish up our slides and rehearse our presentation, but it was a great bonding experience with my groupmates, and we had lots of fun talking about our cultures and experiences.
Day 5 (14 February)
Finally, it was the day of the project presentation. We were the first group to present, and I was extremely nervous. There were some things that I wish we could have done better, but I was proud of how much we had accomplished in such a short time. The other groups also presented their projects, and I was amazed by the creativity and technical depth of their projects.
Surprisingly, our team scored a win, and we won the SANS NetWars Continuous course access.
We took a group photo before heading off to the city tour! At this point, I could barely believe that GCC was coming to an end.
We visited Taipei 101, yapped a ton, bought some pastries to bring back to Singapore, and had some drinks. We then headed off to the closing ceremony.
Some lads were karaoke-ing, and I had a great time chatting with the other participants. I went around asking for signatures on my name tag, despite being the huge introvert that I am! I managed to strike up some great conversations with other participants whom I hadn’t had the chance to talk to earlier, and it was a great way to end the camp. Bittersweet moment :”). To end the night, we had some drinks and an afterparty at the hotel.
Day 6 (15 February)
We had our final breakfast and yapping session with the other participants, before some of them parted ways. My flight was at night, so I had some time to explore Taiwan.
Jun Hong, Ezann and I went to get hotpot (again) at Ximending, and explored the area. We then went to Dihua Street (迪化街) to walk around, and went to Da Dao Cheng Wharf (大稻埕碼頭) to walk and yap. Taiwan is really really pretty, and I wish I had more time to explore the country. Maybe next time! :P
On the flight back, we met… Farhan again?! Coincidence or fate? :D
Some Last Words
GCC was an amazing experience that I will never forget. I learnt SO MUCH in such a short time, and met so many talented individuals from all around the world. I still can’t believe that it is over, and it still feels like just yesterday that I was at the opening ceremony.
I am extremely grateful and honoured to have been given this opportunity. I would like to thank Div0 for selecting me, and the organisers and trainers for putting together such an amazing camp.
Also, a huge thank you to my groupmates for such a great time (and staying up late every night to work on our project) :D
To the participants of GCC 2025, I hope this isn’t a goodbye, but a see you later. I hope that we can meet again in the future, and I wish you all the best in your future endeavours.