Why Participate?
• Explore: Discover the world of cybersecurity
• Encourage: Motivate participants towards cybersecurity careers
• Educate: Learn or improve cybersecurity skills
• Enhance: Teamwork, collaboration, and critical thinking
• Enrich: Compete for meaningful scholarships and/or cash prizes
• Enjoy: A fun challenge. ☺
Contestant Requirements: Basic understanding of
Windows/Unix and the Internet + Willingness to Learn, Work as
a Team, and Desire to Have Fun.
Background (2011-2013)
• 700 competitors and 115 teams over past 2 years
• 3 divisions (high school, college, professional)
• Team Sizes of 3-6 members
• Scholarship prizes from NSA for student finalists ($5000/$3000); more than $160,000 awarded in the past 2 years
• Internships offered to student winners
• Cash prizes for professional team winner
• Competition finals run alongside 2 day conference
• For 2013, it’s open to teams nationwide!
Things to Remember When Building a Team
• You can represent your organization or create a team with members from multiple organizations and companies.
• Individual names will not be publicized nor will your company name.
• Your team name will likely be publicized – particularly if you win ☺
• Only first and second place winners will be made public
• Team ratings will be given only to teams and not released publicly
• Pictures will be taken at the event for use in marketing the event in the future
• Sign up in July for a $50 discount. Names will need to be locked in by Sept 9th
• Identify your captain. This will be the main communication point throughout.
Challenge Timeline
• Registration Closes (Sept 9)
• Unscored Practice Rounds
– Windows (Aug 15) & Linux (Aug 29) Hardening
– Forensics (Sept 5)
• Qualification Round #1 (Sept 21)
– System Hardening for all competitors
• Qualification Round #2 (Sept 26)
– System Hardening for High School (different target)
– Forensics for College & Professionals
• Finals @ Baltimore Convention Center
– Oct 8 (9AM-3PM) for High School
– Oct 9 (9AM-3PM) for College & Professionals
Challenge Game Types
System Hardening (Practice/Qualifications)
Analyze Windows & Linux systems for vulnerabilities or potential vulnerabilities
and secure systems that are vulnerable.
Forensics (College and Professional Practice/Qualifications)
Finding and reporting evidence of intrusions, discovery of malware, analysis of
payloads, log analysis, network analysis, and tracking of attackers on images
either of computer systems or USB drives. The more details reported to the
White Team, the more points they earn.
Defense/CND (High School Finals)
Defending a network being attacked by a live Red Team, while maintaining
critical services and securing hosts, detecting and mitigating Red Team activity
and other misuse, and communicating findings.
Attack/Defend-CTF (College and Professional Finals)
Compromise and control targets, maintain control of targets, and secure your
own targets against other teams’ attacks. The longer a team holds a target and
maintains its critical services (i.e., ‘Capture and Defend’), the more points they
earn.
Key Skills for Success
System Hardening
- Windows & Linux System Administration
Forensics
- Disk image analysis
- File carving
- Log file analysis
- Network traffic (packet capture) analysis
Attack/Defend-CTF
- Windows & Linux System Administration
- Log file analysis
- Incident Response & Handling
- Intrusion Detection
Teamwork, Organization & Good Communication Skills are essential, too!
CyberMaryland Conference
• October 8-9, 2013 @ Baltimore Convention Center
– Runs simultaneously with the Maryland Cyber Challenge
• Two Days of technical and non-technical conference sessions appealing to a wide range of audiences, industries, and expertise.
• Exhibitor Fair
• Employer & Professional Networking Opportunities
Cyber Operations Key Skills
1. Maintain critical services even during moments
of intrusion and misuse
2. Identify vulnerabilities and lock down systems
(computers, network and security devices)
3. Recognize and respond to hacker and
computer misuse activity (Monitor and
Forensics)
4. Collect & Analyze Forensics Data
5. Penetration Testing
6. Communicate effectively
Realistically Train as you expect to Operate
CyberNEXS: The Environment
Instruct – Classroom Instruction
• Learning of facts
• Question and answers
• Instructor Demonstrations
Exercise – Live Lab
• Reinforcement of learning
• Student Hands-on
• Trial-and-error with real-time feedback
Compete – Game
• Measure individual or team
• Learn new techniques from others
• Fun; stimulus to learn more
Certify – Demonstrate Practical Knowledge
• Final verification of level of capability
• Certified under pressure
• Competed 7 years DefCon CTF (2 time winner)
• 100+ Training and Competition Events
• Mid-High School
– AFA National High School Cyber Defense Competition: Cyber Patriot I, II, III, & IV
– NDIA Cyber Challenge
– San Diego Mayor's Cyber Cup I, II
– State of Maine HS Cyber Defense Challenge I - II
– Thomas Jefferson HS tjSTARS
• Collegiate
– Mid-West Regional Cyber Defense Competition
– Mid-Atlantic Regional Cyber Defense Competition
– Navy Post-Graduate School
– National Collegiate Cyber Defense Competition
– Maryland Cyber Challenge
• Adult
– EUCOM, Joint and Coalition Forces
– University of California
– Naval Supply CISO
– Canadian Forces School of Communications
– FBI
– Singapore
– ToorCon
Qualification Round 1
Characteristics
• For all Divisions
• 6 contiguous hours to complete during the round
• Contestant downloads VM target and hardens it on their own machine
• Download prior to the round; Decryption key sent 15 minutes prior to the start of the round
• Following system registration instructions is key
• Contestant maintains critical services on own machine
• Agent sends status to CyberNEXS Global Services which returns score to Contestant’s Status Page
• No attacks nor trouble ticket activity performed (no red/white team required)
• Practice Rounds 1 and 2 will prepare teams
Requirements
• Contestant’s computer requires
– 2GB RAM
– 20 GB Disk Space
– VMware Player (free)
• Contestant’s internet connectivity requires
– 64Kbps up/down link
Qualification Round 2 (High School)
Characteristics
• For High School Division only
• Same challenge as Qualification Round 1, but with a different target
• Practice Rounds 1 and 2 will prepare teams
Requirements
Qualification Round 2 (College and Professional)
Characteristics
• For College and Professional Divisions
• 6 contiguous hours to complete during the round
• Forensics Challenge – Two of the following:
– Disk image analysis
– File carving
– Log file analysis
– Network trace (packet capture) analysis
• Download prior to the round; Decryption key sent 15 minutes prior to the start of the round
• Scoring will be based on forensic analysis provided via the CyberNEXS trouble ticket system
• Practice Round 3 will prepare teams to use the scoring system; however, the practice round will only have one short challenge
Requirements
• Same as for Qualification Round 1
• Tools for analyzing packet captures
High School Finals
Requirements
• Contestants’ computers will be supplied
• Understanding of Remote Desktop (Windows) and ssh (Linux) software is required
• Experience with previous rounds
• No electronic media/devices (Paper notes, printouts, books OK)
• No staged internet sites
Characteristics
• Teams log into their own CyberNEXS network
• Contestants harden systems in their network, maintain critical services and fill out trouble tickets, while a Red Team attacks the network
College and Professional Finals
Requirements
• Contestants’ computers will be supplied
• Understanding of Remote Desktop (Windows) and ssh (Linux) software is required
• Experience with previous rounds
• No electronic media/devices (Paper notes, printouts, books OK)
• No staged internet sites
Characteristics
• Teams log into a single CyberNEXS network
• Contestants identify and compromise targets, then plant flags
• Contestants harden systems in their network, maintain critical services and protect their systems while other teams try to attack