On Monday 27 September 2021, the municipality of The Hague and cybersecurity company Cybersprint organised the 4th edition of hacking competition: Hâck The Hague. 206 international professional and student hackers got the opportunity to hack the live IT systems, applications and websites of the municipality of The Hague & her suppliers to put their digital security to the test. Participating hackers reported 125 vulnerabilties. Among those were; unsafe access to accounts, outdated software, the ability to inject malicious code into a website and an account that could be taken over completely.
Alongside the hacking competition, the public was offered an interactive side programme during the day. In this programme, hackers, experts, suppliers of the municipality, and other relevant organisations will talk about various cybersecurity topics. The full broadcast is now available on demand, or you can watch all the items separately on the Hâck The Hague YouTube channel. Read more about the speakers here.
Do you have any questions regarding the event, or are you interested in #HTH21 for press-related requests, contact us at email@example.com.
Read our blogs, news, interviews and press releases
Sanne Maasakkers works as a security expert in the Red Team and Research & Intel Fusion Team at Fox-IT in Delft. She is born and raised in the southern part of the Netherlands but lives in The Hague for two years now. In her daily working life, she focuses on Red Teaming, pentesting, social engineering and advising customers about current threats. This year she had the chance to execute the attack as a foreign nation-state APT on the municipality of The Hague during a big cyber crisis exercise.
In addition to her work, she contributes to a “more secure society” by providing awareness training, guest lectures and hack demos in both professional and educational environments. She is one of the trainers for Team Europe during the International Cyber Security Challenge (organized by ENISA), where she will coach the best hackers of Europe before and during the international CTF competition.
Frank has had an official job in information security for over 20 years and unofficial involvement for longer than he cares to admit. In retrospect, he has always been breaking stuff in expected and unexpected ways. His current day job is CISO for Schuberg Philis, but he is also known for his involvement with the Dutch Institute for Vulnerability Disclosure, where he heads the CSIRT in the efforts to make the internet a safer place.
Edwin van Andel started hacking at the age of 13. Although he is now CE2 of hacker company Zerocopter, his relationship with the hacker community is still the main driving force in his life. His dream to bring the brilliant minds of all hackers he knows together in one room and to hack everything that is brought in is something that he is getting closer to. In addition, together with the “Guild of Grumpy Old Hackers”, he is actively guiding and leading young hackers in the right direction in order to create his ultimate goal - a safe society through a safer internet.
Jeroen Schipper has more than 15 years of professional experience in information security at the Ministry of Defence and was appointed CISO of the municipality of The Hague in 2018.
With a background in IT and Change Management, he focuses on the further professionalization of the security organization and is responsible for setting up and maintaining the vision and security program of the municipality of The Hague.
Jeroen Schipper is also responsible for the annual Hâck The Hague event, where ethical hackers are invited to hack the live systems of the municipality of The Hague, with the goal to test the digital infrastructure of the Municipality and its suppliers for vulnerabilities.
Pieter Jansen is a passionate cybersecurity specialist and CEO & founder of Cybersprint. With his experience as an ethical hacker and security manager, Pieter has worked on both the ‘offense’ and ‘defense’ side of cybersecurity. Pieter saw new possibilities in developing a platform to automatically map the attack surface of organisations. He started his own company, driven by his ambition ‘to make the digital world more secure’. His motto "Defense is hard, offense is easy" forms the base of the Cybersprint platform.
Contestants compete for 12 prizes ranging from €500-€2000 available in four different categories:
As the international city of Peace & Justice, cybersecurity remains crucial to the municipality of The Hague. With regular internal and external assessments, we’re constantly working on our digital security. The Responsible Disclosure aims to better protect the city’s residents, companies and systems by mitigating vulnerabilities. People who report such vulnerabilities via the Responsible Disclosure policy are allegeable to receive a reward.
Hâck The Hague helps to map and assess the municipality’s attack surface, a necessary step in strengthening the cyber-resilience. In addition, it contributes to raising awareness among residents, entrepreneurs and employees about digital security. Hackers discovered 102 vulnerabilities in the 2019 edition, most of which have since been resolved.