MDDI 演講稿 · 2025-10-21
陳杰豪高階政務部長在新加坡 AI 奪旗賽上的開幕致辭
要點
- • 新加坡兩條「眾包式」安全平臺:AI CTF(奪旗賽)+ GBBP(政府漏洞賞金)。AI CTF 今年吸引 1000+ 參與者、462 隊,1/5 來自海外;GBBP 自 2018 年與 64 個機構合作、測試 115 個系統、發現 586 個漏洞(含 11 個關鍵),共發出近 80 萬新元獎金。
- • AI CTF 探測 AI 獨有的脆弱面——提示詞注入、資料投毒、對抗性機器學習——把進攻與防禦能力同時鍛鍊起來。
- • GBBP 讓全球白帽測試政府真實數字服務——很少國家這樣開放,更少持續這樣做。
- • Tan Kiat How 也藉此慶祝多樣性與年輕力量——去年「全女生隊伍」`What's AI, 可以吃的嗎?` 在大學預科組拿下第二;今天獲獎的 Kevin Pook 大學時期就開始做漏洞賞金,如今已是網路安全顧問。
完整譯文(繁體中文)
MDDI 英文原文譯文 · 翻譯日期: 2026-05-02
晚上好——各位嘉賓、合作伙伴、參賽者:
我很高興和來自新加坡與海外的各位一起,出席今年的「新加坡 AI 奪旗賽」(AI CTF)與「政府漏洞賞金計劃」(GBBP)頒獎典禮。
隨著人工智慧快速崛起——我們今天面對的網路安全挑戰已經不同。新技術帶來新的脆弱面——它們要求新的思維方式、新的工具與新的技能。AI CTF 正是為了揭示這些 AI 特有的風險、並強化我們集體防禦而設。
在世界各地——即便是蘋果(Apple)這樣的領先公司也認識到——沒有一個組織能獨自保護複雜系統的安全。他們的漏洞賞金計劃接入全球社群的創造力,在對手利用之前找出弱點。
本著同樣的精神——新加坡建立了兩個旗艦平臺:AI CTF 與 GBBP——以借力社群專長。今晚——我們把這兩個社群聚到一起——慶祝那些為兩邊都做出貢獻的獲獎者。這些倡議反映出新加坡的「主動」立場——我們堅信網路安全是、並且必須永遠是「集體努力」。
AI CTF 旨在探測人工智慧系統獨有的脆弱面——傳統測試可能偵測不到的弱點。參賽者通過發現並利用 AI 系統中的弱點來「奪旗」——在這一過程中,你們獲得了「對抗性行為如何在 AI 中湧現、又如何被反制」的一手經驗。
這些演練同時強化了進攻與防禦能力——從模擬對抗攻擊,到設計具備韌性的模型。它們讓我們的社群具備了守護下一代 AI 系統所需的「動手專長」。
GBBP 則邀請全球白帽駭客測試真實的政府數字服務。在世界範圍內——很少有政府這樣開放自己的系統——更少有政府持續這樣做。通過把安全測試眾包出去——我們不僅找出漏洞,也在與公民、與全球社群之間建立信任與透明度。
結果不言自明。
今年的 AI CTF 吸引了 462 支隊伍、共 1000 多名參賽者——其中超過 1/5 的隊伍來自海外。這表明新加坡的努力正在全球引起共鳴。每一道挑戰的完成——都擴充套件了我們對 AI 威脅(如提示詞注入、資料投毒、對抗性機器學習)的共同理解。
自 2018 年以來——GBBP 與 64 個機構合作——測試了 115 個系統——在被攻擊者利用之前發現了 586 個漏洞,其中包括 11 個關鍵漏洞。共發出近 80 萬新元獎金——每一輪都有 240 多位白帽參與。
每一個被發現的漏洞、每一支貢獻的隊伍——都讓我們在快速變化的數字格局中能多走一步。
今年 GovTech 與 CSA 聯手舉辦 AI CTF——我們傳遞的資訊很明確:網路安全需要我們所有人——政府、產業與更廣泛的社群——共同對抗持續演化的威脅格局。
我們的成功取決於——能否調動新加坡內外社群的創造力與嚴謹。AI CTF 與 GBBP 體現了這種協作——也幫助我們的「有能力、有熱情的網路防禦者」生態壯大起來。
新加坡有活力的數字環境——讓我們能培育更大的 AI 與網路安全人才池——讓公共部門與紮根這裡的國際企業一同受益。
我也很高興看到——多樣性正在這個領域紮根。在 2024 年的 Pwn2Own 上——女性研究員在世界最嚴苛的駭客比賽之一中拿到了「全勝」。在新加坡——去年「全女生隊伍」「What's AI, 可以吃的嗎?」在「大學預科組」拿下第二——證明天賦無關性別。讓我們繼續培育這種多樣性——因為多樣性正是創新的驅動力。
我們也慶祝年輕人。今天的獲獎者之一 Kevin Pook——大學時期就開始做漏洞賞金狩獵,如今已是網路安全顧問——這提醒我們:早期的好奇心可以長成終身的熱情與職業。
新加坡對網路防禦的方法——以「主動行動」與「社群協作」為標誌。攜手前行——我們正在塑造一個更安全、更值得信賴的數字未來。
致所有參與者、合作伙伴與組織者——感謝你們的投入與卓越。你們的貢獻加強了國家韌性——也激勵他人加入這項重要事業。
致我們的年輕人、女性、專業人士與國際朋友——無論你是學生、工程師,還是隻是好奇——網路安全不只是技能比拼。它是一種召喚。
讓我們繼續學習、協作、構建我們都應得的「安全數字未來」。
謝謝。
英文原文
MDDI 官網原始記錄 · 抓取日期: 2026-05-02
Good evening, distinguished guests, partners, and participants.
It is my great pleasure to join all of you, from Singapore and abroad, at this year’s Singapore AI Capture-the-Flag (AI CTF) and Government Bug Bounty Programme (GBBP) Awards Ceremony.
With the rapid rise of artificial intelligence, the cybersecurity challenges that we face today are no longer the same. New technologies bring new vulnerabilities. They demand new ways of thinking, new tools, and new skills. The AI CTF was created precisely to uncover these AI-specific risks and to strengthen our collective defences.
Across the world, even leading firms such as Apple recognise that no single organisation can secure complex systems alone. Their bug bounty programmes tap into the creativity of the global community to uncover weaknesses before adversaries can exploit them.
In that same spirit, Singapore has built two flagship platforms — the AI CTF and the GBBP — to harness community expertise. This evening, we bring these two communities together, celebrating the winners who have contributed to both. These initiatives reflect Singapore’s proactive approach and our belief that cybersecurity is, and must always be, a collective effort.
The AI CTF was designed to probe vulnerabilities unique to artificial intelligence systems, weaknesses that traditional testing may not detect. Participants raced to capture the flag by uncovering and exploiting weaknesses in AI systems. In doing so, you gained first-hand experience of how adversarial behaviour can emerge in AI — and how it can be countered.
These exercises strengthen both offensive and defensive capabilities, from simulating adversarial attacks to designing resilient models. They equip our community with the hands-on expertise needed to safeguard the next generation of AI systems.
The GBBP, meanwhile, invites global ethical hackers to test actual government digital services. Around the world, few governments open their systems in this way, and even fewer do so continuously. By crowdsourcing security testing, we are not only uncovering vulnerabilities but also building trust and transparency with our citizens and the global community.
The results speak for themselves.
This year’s AI CTF drew over 1,000 participants from 462 teams, with more than one in five teams from overseas. This demonstrates that Singapore’s efforts are resonating globally. Each challenge completed expands our shared understanding of AI threats such as prompt injection, data poisoning, and adversarial machine learning.
Since 2018, the GBBP has worked with 64 agencies, testing 115 systems, and uncovering 586 vulnerabilities, including 11 critical issues, before they could be exploited. Nearly S$800,000 has been paid in rewards, and more than 240 ethical hackers participate in each round.
Each vulnerability uncovered, and each team that contributes, strengthens our ability to stay one step ahead in a rapidly changing digital landscape.
This year, as GovTech and CSA join hands for AI CTF, we send a clear message: cybersecurity requires all of us — government, industry, and the wider community — to work together against a constantly evolving threat landscape.
Our success depends on tapping the creativity and rigour of the community, both in Singapore and beyond. The AI CTF and the GBBP exemplify this collaboration, and they help grow our ecosystem of capable, passionate cyber defenders.
Singapore’s vibrant digital environment enables us to develop a larger pool of AI and cybersecurity talent, benefiting both the public sector and the international businesses anchored here.
I am also heartened to see diversity taking root in this space. At Pwn2Own 2024, women researchers achieved full wins in one of the world’s toughest hacking competitions. Here in Singapore, last year’s all-girls team “What’s AI, 可以吃的吗?” clinched second place in the Pre-University category — proof that talent knows no gender. Let us continue to nurture this diversity, for it is diversity that drives innovation.
We also celebrate youth. One of today’s winners, Kevin Pook, began bug-bounty hunting as a university student and is now a cybersecurity consultant — a reminder that early curiosity can grow into lifelong passion and career.
Singapore’s approach to cyber defence is defined by proactive action and community collaboration. Together, we are shaping a safer, more trusted digital future.
To all participants, partners, and organisers — thank you for your dedication and excellence. Your contributions strengthen our national resilience and inspire others to join this important cause.
And to our youth, our women, our professionals, and our international friends: Whether you are a student, an engineer, or simply curious, cybersecurity is more than a contest of skills. It is a calling.
Let us continue to learn, to collaborate, and to build the secure digital future that all of us deserve.
Thank you.