GOhack24 recap: Strengthening cybersecurity through collaboration

How can businesses better respond to cyber threats? GOhack24 brought together over 350 cybersecurity experts, ethical hackers, and enthusiasts at the Swiss Distance University of Applied Sciences to share knowledge, connect with leading minds, and showcase their skills in live bug bounty hunting. From the EDU Track with its engaging educational content to the collaborative fight against cybercrime at the symposium, the event provided a platform for innovative ideas and practical solutions.

GBF-GOhack24-recap (1).png
Photo credit: BDO Switzerland

Collaboration: The key to combatting cybercrime

The GOhack24 symposium, themed “Cybercrime: Perspectives and Responsibilities”, brought together experts from law enforcement, academia, industry, and the ethical hacking community to explore collaborative solutions to combat cybercrime. Christina Kistler, Co-CEO of GObugfree, summed up the spirit of the event in her opening remarks, “Our goal is to make cybersecurity and bug bounty programs accessible – not just for ethical hackers but also for those responsible for managing cyber risks in companies. By fostering collaboration across these groups, we can strengthen cyber resilience and advance the cybersecurity conversation in Switzerland.”

GBF-GOhack24-Serdar-Guenal-Ruetsche.jpg
GOhack24 Symposium keynote speaker Serdar Günal Rütsche, Head of Cybercrime Cantonal Police Zurich & Head of Digital Crime Investigation Support Network (NEDIK) - Source: BDO Switzerland

The symposium featured a diverse lineup of experts who shared their perspectives on combating cybercrime and building resilience:

  • Roger Knoepfel, Head of Vulnerability Management at the Federal Office for Cybersecurity (BACS), described the BACS as Switzerland’s “cyber thermometer,” monitoring over 50,000 cyber incident reports in 2024 alone. He noted the rise of sophisticated attacks like deepfake Zoom calls and emphasized the importance of patch management, two-factor authentication and maintaining infrastructure visibility.
  • Serdar Günal Rütsche, Head of cybercrime at the Zurich Cantonal Police and Head of NEDIK, highlighted two common fallacies about cybercrime: “It won’t happen to me” and “If it does, it won’t be that bad”. He urged organizations to to take a proactive approach to cybersecurity and involve the police early to preserve critical digital evidence.
  • David Ribeaud, CEO of Specialty Markets at Helvetia, called for collaboration between government, academia, and businesses to create a safer digital ecosystem.
  • Wolfgang Maier, neuropsychologist, and Bettina Zimmermann, crisis management expert, highlighted the need for crisis simulation and preparation. Maier emphasized that repetition builds readiness, while Zimmermann outlined steps for creating an effective crisis response team.

Speakers from across sectors reinforced a key message: Cybersecurity is a shared responsibility. 

GBF-GOhack24-Symposium-panel.jpg
GOhack24 Symposium panlists from left to right: Ursula Sury, HSLU; Serdar Günal Rütsche, Kantonspolizei Zürich; Simon Reinhart, Security Researcher; Marcel Eyer, GObugfree; Annika Bos, SWICO - Source: BDO Switzerland

A lively panel brought together from HSLU, SWICO, Zurich police, GObugfree and the ethical hacking community to discuss strategies tackling cyber threats. The day concluded with a relaxed apéro riche, encouraging further networking and exchange of ideas.

Bug bounty challenge: Strengthening real-world systems

At the heart of GOhack24 was the live bug bounty challenge, where ethical hackers from around the globe tested real-world systems provided by 13 program partners. The challenge focused on productive systems and resulted in 49 validated vulnerabilities, including 5 critical issues. The event provided a unique opportunity for organizations to collaborate with experts, learn from their findings, and strengthen their digital defenses.

GBF-GOhack24-leaderboard.jpg
Top three on the GOhack24 leaderboard, from left to right: Simioni (2nd place), Xel (1st place), Collfuse (3rd place) - Source: BDO Switzerland

At the end of the two days, the top 3 on the leaderboard were:

  1. Xel
  2. Simioni
  3. Collfuse

“The collaboration between ethical hackers and our program partners showcased the power of community in improving digital security,” said Michael Schläpfer, CSO of GObugfree. The insights gained were invaluable in enhancing security across industries.

Hack for Good

For the second year in a row, GOhack’s Hack for Good initiative gave ethical hackers a chance to double their impact. By improving system security, they not only protected businesses and individuals but also supported charitable causes. Half of the bounties earned in the RaiseNow and Koalect challenges were donated to Save the Children. One ethical hacker generously donated their entire earnings from GOhack24 to charity.

The Hack for Good award went to Veshraj for his outstanding contributions.

GOhack24-edu-cyber-guru.jpg
The EDU track provided valuable insights for both newcomers and cybersecurity experts.

EDU Track: Hands-on cybersecurity for all

Running parallel to the live bug bounty challenge, the EDU Track offered two days of practical workshops and talks tailored to beginners, career changers, and seasoned professionals. The sessions provided actionable tools and insights to tackle real-world cybersecurity challenges.

Some program highlights included:

  • “How to f* up bug bounty”** by Denis Morel (mabuco), busting myths and offering practical solutions
  • “Using a WAF to make bug bounty hunters’ lives miserable” by Christian Folini, showcasing advanced strategies
  • Threema’s talk on protocol design for secure communication
  • Dieci’s open report on handling a phishing attack
  • A packed to capacity beginner workshop on penetration testing led by Antoine Neuenschwander (Swisscom)

Participants also enjoyed interactive elements like the SWITCH Escape Room “Hack the Hacker,” which used gamification to raise security awareness.

GBF-GOhack24-networking-collage.png

Networking and community building

Throughout the three days, attendees had plenty of opportunities to network and exchange ideas in a collaborative atmosphere. Informal moments, like Dieci’s delivery of 150 pizzas on Friday and the return of the Tuck-Tuck pasta truck on Saturday, fostered a welcoming and inclusive environment.

The event’s relaxed atmosphere encouraged meaningful discussions and strengthened the sense of community essential for tackling complex cybersecurity challenges.

Looking ahead

GOhack24 proved that collaboration is the key to cybersecurity. Let’s continue working together to build a safer digital future - stay tuned and be part of GOhack25!