Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam

Ministry of Digital Development and Information
Speeches

Opening remarks by SMS Tan Kiat How at the Singapore AI Capture-The-Flag event

21 October 2025

  1. Good evening, distinguished guests, partners, and participants.

  2. It is my great pleasure to join all of you, from Singapore and abroad, at this year’s Singapore AI Capture-the-Flag (AI CTF) and Government Bug Bounty Programme (GBBP) Awards Ceremony.

  3. With the rapid rise of artificial intelligence, the cybersecurity challenges that we face today are no longer the same. New technologies bring new vulnerabilities. They demand new ways of thinking, new tools, and new skills. The AI CTF was created precisely to uncover these AI-specific risks and to strengthen our collective defences.

  4. Across the world, even leading firms such as Apple recognise that no single organisation can secure complex systems alone. Their bug bounty programmes tap into the creativity of the global community to uncover weaknesses before adversaries can exploit them.

  5. In that same spirit, Singapore has built two flagship platforms — the AI CTF and the GBBP — to harness community expertise. This evening, we bring these two communities together, celebrating the winners who have contributed to both. These initiatives reflect Singapore’s proactive approach and our belief that cybersecurity is, and must always be, a collective effort.

  6. The AI CTF was designed to probe vulnerabilities unique to artificial intelligence systems, weaknesses that traditional testing may not detect. Participants raced to capture the flag by uncovering and exploiting weaknesses in AI systems. In doing so, you gained first-hand experience of how adversarial behaviour can emerge in AI — and how it can be countered.

  7. These exercises strengthen both offensive and defensive capabilities, from simulating adversarial attacks to designing resilient models. They equip our community with the hands-on expertise needed to safeguard the next generation of AI systems.

  8. The GBBP, meanwhile, invites global ethical hackers to test actual government digital services. Around the world, few governments open their systems in this way, and even fewer do so continuously. By crowdsourcing security testing, we are not only uncovering vulnerabilities but also building trust and transparency with our citizens and the global community.

  9. The results speak for themselves.

  10. This year’s AI CTF drew over 1,000 participants from 462 teams, with more than one in five teams from overseas. This demonstrates that Singapore’s efforts are resonating globally. Each challenge completed expands our shared understanding of AI threats such as prompt injection, data poisoning, and adversarial machine learning.

  11. Since 2018, the GBBP has worked with 64 agencies, testing 115 systems, and uncovering 586 vulnerabilities, including 11 critical issues, before they could be exploited. Nearly S$800,000 has been paid in rewards, and more than 240 ethical hackers participate in each round.

  12. Each vulnerability uncovered, and each team that contributes, strengthens our ability to stay one step ahead in a rapidly changing digital landscape.

  13. This year, as GovTech and CSA join hands for AI CTF, we send a clear message: cybersecurity requires all of us — government, industry, and the wider community — to work together against a constantly evolving threat landscape.

  14. Our success depends on tapping the creativity and rigour of the community, both in Singapore and beyond. The AI CTF and the GBBP exemplify this collaboration, and they help grow our ecosystem of capable, passionate cyber defenders.

  15. Singapore’s vibrant digital environment enables us to develop a larger pool of AI and cybersecurity talent, benefiting both the public sector and the international businesses anchored here.

  16. I am also heartened to see diversity taking root in this space. At Pwn2Own 2024, women researchers achieved full wins in one of the world’s toughest hacking competitions. Here in Singapore, last year’s all-girls team “What’s AI, 可以吃的吗?” clinched second place in the Pre-University category — proof that talent knows no gender. Let us continue to nurture this diversity, for it is diversity that drives innovation.

  17. We also celebrate youth. One of today’s winners, Kevin Pook, began bug-bounty hunting as a university student and is now a cybersecurity consultant — a reminder that early curiosity can grow into lifelong passion and career.

  18. Singapore’s approach to cyber defence is defined by proactive action and community collaboration. Together, we are shaping a safer, more trusted digital future.

  19. To all participants, partners, and organisers — thank you for your dedication and excellence. Your contributions strengthen our national resilience and inspire others to join this important cause.

  20. And to our youth, our women, our professionals, and our international friends: Whether you are a student, an engineer, or simply curious, cybersecurity is more than a contest of skills. It is a calling.

  21. Let us continue to learn, to collaborate, and to build the secure digital future that all of us deserve.

  22. Thank you.

Back to top