Reports from past hacker tournaments C ^ 2
Since the hacker tournament in South Africa, the
Russian C ^ 2: Cyber Challenge is not the first hacker tournament in the world . Symantec regularly holds the Cyber Readiness Challenge in different countries.
The online part of the hacker tournament is currently underway, plus registration for the offline part and the conference on information security is ongoing. In Russia, Symantec and CROC are organizing this event for the first time. While “ethical hackers” are breaking the network in a simulator, I’ll talk about how several such tournaments around the world have already passed.
In 2012, the tournament was held in many countries. Toronto, Canada: 120 computer security experts took part (more precisely, journalists later called them experts - some of the participants were still trained in IT specialties at local universities). The plot is a hacker confrontation between two corporations: defense and "raids" of industrial espionage. The mechanics of the tournament are the tasks of penetrating the "opponent" in the network according to the principle of "capturing the flag."
Naturally, the journalists were interested in what the hell, in fact, bad people are preparing for the tournaments, who will then go to break the domestic Canadian networks. True, the degree of inadequacy there is low, so everyone understood everything. Just in case, here's a quote from Clint Sand, director of security at Symantec, which has often been posted:
Game experience will help participants better understand the goals, technical tricks and the very way of thinking of a cybercriminal and, ultimately, better do their job.
The prize in Canada was a small pleasant amount of 2500 Canadian dollars. A certain Tim “Dingo” Alpin won, about whom, I am sure, we will still hear in the news in a couple of years. A security conference was held there.
Tournament in New York
Here, in the final, 80 experts gathered who decided to risk testing their knowledge of information security. Like last time, users played on the principle of “capture the flag”, performing a series of tasks to hack and protect simulated data centers. The experts went ahead, so for those who just touched the world of information security, a system of tips worked that allowed you to stay in the game.
Another security conference was held there. “Stopping the virus does not mean neutralizing the threat,” Clint Sand shared his opinion. “Today, organizations are undergoing constant, continuous, ongoing attacks.”
Three experts immediately united in a team. Thanks to this combination, they were able to attack in a more coordinated manner, which immediately gave an advantage. They presented the prize to a colleague who had a birthday just on the day of the tournament.
Tournament in London
In April, as part of the Infosecurity conference, another Cyber Readiness Challenge was held in London. At this point, it became clear that the system, originally conceived as a training simulator for company employees, is becoming a very interesting world-class competition.
We’ve built an infrastructure that allows players to become hackers and try to hack the system, ”explains Symantec Shan in an interview with Infosecurity Magazine. - Players connect to the infrastructure and perform various tasks to capture flags. The player can use hints or keys, but with each hint used, the total number of points scored by him will decrease. Usually, those who capture the most flags in a day will win this stage of the competition and will be invited to the next stage and the final game, where they will compete with the best world experts.
The competition was open to any visitor to the Infosecurity Europe conference, from a security professional to just a visitor. The audience watched the game, looking at the electronic scoreboard and listening to the report from the scene through the headphones. Players brought their own tools, used software and data from the Internet.
Here is a piece of translation from the participant’s report ( original ):
This week, representatives of McGuire Solutions, one of our networking vendors, invited me to participate with them in a unique event at the Dallas Aviation Museum. The event was unexpected, exciting and a little self-esteeming. Although the storyline of the game turned out to be very far-fetched, the topic and technologies cannot be called such. At the Symantec Cyber Readiness Challenge, you come across a criminal corporation, and, in fact, the game itself comes down to espionage. Using everyday tools, you penetrate various technologies to reveal the secrets of the company. You decrypt files, find servers, capture documents, etc.
At this event, I met many people and was pleasantly surprised by the selection of participants: IT security specialists, IT department managers, company owners and ... just visitors. I was impressed.
Video from an event in Dallas
Here's another video from Paris and Barcelona .
Online in Russia, things are like this:
Position - Member Nickname - Points
- vos 34,300
- Heirhabarov 23,950
- VY_CMa 23,100
- Xtalf 23,100
- 4lemon 22,675
- Messiah 21,950
- AV1ct0r 21.850
- ToshiYoung 20,875
- ikudlai 20,750
- avknsk 19,975
Tournament in Moscow
September 10 will be held C ^ 2: Cyber Challenge in Moscow. Register for the event here . Residents of Russia over 18 can participate. Here is additional information .