MDDI 演讲稿 · 2025-10-21
陈杰豪高级政务部长在新加坡 AI 夺旗赛上的开幕致辞
Opening remarks by SMS Tan Kiat How at the Singapore AI Capture-The-Flag event
要点
- • 新加坡两条「众包式」安全平台:AI CTF(夺旗赛)+ GBBP(政府漏洞赏金)。AI CTF 今年吸引 1000+ 参与者、462 队,1/5 来自海外;GBBP 自 2018 年与 64 个机构合作、测试 115 个系统、发现 586 个漏洞(含 11 个关键),共发出近 80 万新元奖金。
- • AI CTF 探测 AI 独有的脆弱面——提示词注入、数据投毒、对抗性机器学习——把进攻与防御能力同时锻炼起来。
- • GBBP 让全球白帽测试政府真实数字服务——很少国家这样开放,更少持续这样做。
- • Tan Kiat How 也借此庆祝多样性与年轻力量——去年「全女生队伍」`What's AI, 可以吃的吗?` 在大学预科组拿下第二;今天获奖的 Kevin Pook 大学时期就开始做漏洞赏金,如今已是网络安全顾问。
完整译文(中文)
MDDI 英文原文译文 · 翻译日期:2026-05-02
晚上好——各位嘉宾、合作伙伴、参赛者:
我很高兴和来自新加坡与海外的各位一起,出席今年的「新加坡 AI 夺旗赛」(AI CTF)与「政府漏洞赏金计划」(GBBP)颁奖典礼。
随着人工智能快速崛起——我们今天面对的网络安全挑战已经不同。新技术带来新的脆弱面——它们要求新的思维方式、新的工具与新的技能。AI CTF 正是为了揭示这些 AI 特有的风险、并强化我们集体防御而设。
在世界各地——即便是苹果(Apple)这样的领先公司也认识到——没有一个组织能独自保护复杂系统的安全。他们的漏洞赏金计划接入全球社群的创造力,在对手利用之前找出弱点。
本着同样的精神——新加坡建立了两个旗舰平台:AI CTF 与 GBBP——以借力社群专长。今晚——我们把这两个社群聚到一起——庆祝那些为两边都做出贡献的获奖者。这些倡议反映出新加坡的「主动」立场——我们坚信网络安全是、并且必须永远是「集体努力」。
AI CTF 旨在探测人工智能系统独有的脆弱面——传统测试可能侦测不到的弱点。参赛者通过发现并利用 AI 系统中的弱点来「夺旗」——在这一过程中,你们获得了「对抗性行为如何在 AI 中涌现、又如何被反制」的一手经验。
这些演练同时强化了进攻与防御能力——从模拟对抗攻击,到设计具备韧性的模型。它们让我们的社群具备了守护下一代 AI 系统所需的「动手专长」。
GBBP 则邀请全球白帽黑客测试真实的政府数字服务。在世界范围内——很少有政府这样开放自己的系统——更少有政府持续这样做。通过把安全测试众包出去——我们不仅找出漏洞,也在与公民、与全球社群之间建立信任与透明度。
结果不言自明。
今年的 AI CTF 吸引了 462 支队伍、共 1000 多名参赛者——其中超过 1/5 的队伍来自海外。这表明新加坡的努力正在全球引起共鸣。每一道挑战的完成——都扩展了我们对 AI 威胁(如提示词注入、数据投毒、对抗性机器学习)的共同理解。
自 2018 年以来——GBBP 与 64 个机构合作——测试了 115 个系统——在被攻击者利用之前发现了 586 个漏洞,其中包括 11 个关键漏洞。共发出近 80 万新元奖金——每一轮都有 240 多位白帽参与。
每一个被发现的漏洞、每一支贡献的队伍——都让我们在快速变化的数字格局中能多走一步。
今年 GovTech 与 CSA 联手举办 AI CTF——我们传递的信息很明确:网络安全需要我们所有人——政府、产业与更广泛的社群——共同对抗持续演化的威胁格局。
我们的成功取决于——能否调动新加坡内外社群的创造力与严谨。AI CTF 与 GBBP 体现了这种协作——也帮助我们的「有能力、有热情的网络防御者」生态壮大起来。
新加坡有活力的数字环境——让我们能培育更大的 AI 与网络安全人才池——让公共部门与扎根这里的国际企业一同受益。
我也很高兴看到——多样性正在这个领域扎根。在 2024 年的 Pwn2Own 上——女性研究员在世界最严苛的黑客比赛之一中拿到了「全胜」。在新加坡——去年「全女生队伍」「What's AI, 可以吃的吗?」在「大学预科组」拿下第二——证明天赋无关性别。让我们继续培育这种多样性——因为多样性正是创新的驱动力。
我们也庆祝年轻人。今天的获奖者之一 Kevin Pook——大学时期就开始做漏洞赏金狩猎,如今已是网络安全顾问——这提醒我们:早期的好奇心可以长成终身的热情与职业。
新加坡对网络防御的方法——以「主动行动」与「社群协作」为标志。携手前行——我们正在塑造一个更安全、更值得信赖的数字未来。
致所有参与者、合作伙伴与组织者——感谢你们的投入与卓越。你们的贡献加强了国家韧性——也激励他人加入这项重要事业。
致我们的年轻人、女性、专业人士与国际朋友——无论你是学生、工程师,还是只是好奇——网络安全不只是技能比拼。它是一种召唤。
让我们继续学习、协作、构建我们都应得的「安全数字未来」。
谢谢。
英文原文
MDDI 官网原始记录 · 抓取日期:2026-05-02
Good evening, distinguished guests, partners, and participants.
It is my great pleasure to join all of you, from Singapore and abroad, at this year’s Singapore AI Capture-the-Flag (AI CTF) and Government Bug Bounty Programme (GBBP) Awards Ceremony.
With the rapid rise of artificial intelligence, the cybersecurity challenges that we face today are no longer the same. New technologies bring new vulnerabilities. They demand new ways of thinking, new tools, and new skills. The AI CTF was created precisely to uncover these AI-specific risks and to strengthen our collective defences.
Across the world, even leading firms such as Apple recognise that no single organisation can secure complex systems alone. Their bug bounty programmes tap into the creativity of the global community to uncover weaknesses before adversaries can exploit them.
In that same spirit, Singapore has built two flagship platforms — the AI CTF and the GBBP — to harness community expertise. This evening, we bring these two communities together, celebrating the winners who have contributed to both. These initiatives reflect Singapore’s proactive approach and our belief that cybersecurity is, and must always be, a collective effort.
The AI CTF was designed to probe vulnerabilities unique to artificial intelligence systems, weaknesses that traditional testing may not detect. Participants raced to capture the flag by uncovering and exploiting weaknesses in AI systems. In doing so, you gained first-hand experience of how adversarial behaviour can emerge in AI — and how it can be countered.
These exercises strengthen both offensive and defensive capabilities, from simulating adversarial attacks to designing resilient models. They equip our community with the hands-on expertise needed to safeguard the next generation of AI systems.
The GBBP, meanwhile, invites global ethical hackers to test actual government digital services. Around the world, few governments open their systems in this way, and even fewer do so continuously. By crowdsourcing security testing, we are not only uncovering vulnerabilities but also building trust and transparency with our citizens and the global community.
The results speak for themselves.
This year’s AI CTF drew over 1,000 participants from 462 teams, with more than one in five teams from overseas. This demonstrates that Singapore’s efforts are resonating globally. Each challenge completed expands our shared understanding of AI threats such as prompt injection, data poisoning, and adversarial machine learning.
Since 2018, the GBBP has worked with 64 agencies, testing 115 systems, and uncovering 586 vulnerabilities, including 11 critical issues, before they could be exploited. Nearly S$800,000 has been paid in rewards, and more than 240 ethical hackers participate in each round.
Each vulnerability uncovered, and each team that contributes, strengthens our ability to stay one step ahead in a rapidly changing digital landscape.
This year, as GovTech and CSA join hands for AI CTF, we send a clear message: cybersecurity requires all of us — government, industry, and the wider community — to work together against a constantly evolving threat landscape.
Our success depends on tapping the creativity and rigour of the community, both in Singapore and beyond. The AI CTF and the GBBP exemplify this collaboration, and they help grow our ecosystem of capable, passionate cyber defenders.
Singapore’s vibrant digital environment enables us to develop a larger pool of AI and cybersecurity talent, benefiting both the public sector and the international businesses anchored here.
I am also heartened to see diversity taking root in this space. At Pwn2Own 2024, women researchers achieved full wins in one of the world’s toughest hacking competitions. Here in Singapore, last year’s all-girls team “What’s AI, 可以吃的吗?” clinched second place in the Pre-University category — proof that talent knows no gender. Let us continue to nurture this diversity, for it is diversity that drives innovation.
We also celebrate youth. One of today’s winners, Kevin Pook, began bug-bounty hunting as a university student and is now a cybersecurity consultant — a reminder that early curiosity can grow into lifelong passion and career.
Singapore’s approach to cyber defence is defined by proactive action and community collaboration. Together, we are shaping a safer, more trusted digital future.
To all participants, partners, and organisers — thank you for your dedication and excellence. Your contributions strengthen our national resilience and inspire others to join this important cause.
And to our youth, our women, our professionals, and our international friends: Whether you are a student, an engineer, or simply curious, cybersecurity is more than a contest of skills. It is a calling.
Let us continue to learn, to collaborate, and to build the secure digital future that all of us deserve.
Thank you.