After working late into the night on the first challenge, the team met for an 08:15am start for what was about to be a capture the flag like none other they had experienced. We brought the team together for one last tactics discussion and to attempt to figure out what may lay ahead.
At 08:30am the mayhem began. Teams were rushing to collect information after being briefed about the task at hand. Each team had 8 hours to attack, defend, patch, solve and organise their way out of as a mock ‘company’ Capital Treasury Florence. Roles were drawn up for CEO, CTO and Press Officer and the ‘company’ were to report specific members for specific challenges when summoned by the jury.
The challenges came thick and fast and the attacks from the other teams even quicker. Last year’s winner Austria were strategically focused and as a result went straight to battle stations on the offensive. During the mele, the UK team set to work on the first job of the day, identify vulnerabilities and patch them up to prevent being broken into. The team then had to cycle through a number of time based challenges and complete them whilst managing their already growing tasks of attacking, defending and patching. These time based tasks focused on more business like skills and required the teams to set up a company website to brief the public about the attacks, provide information via PDF’s and even present to the delegates of the conference.
As the day went on, the UK team’s defence points continued to grow after all their hard work focusing around defence. As 17:00pm rolled around and with just half an hour left to go, the competition was tense. Teams were scrambling to communicate with judges, hack final boxes or kick rival teams off their infrastructure.
As the deadline arrived, the teams were played out with exit music and it was over. No more flags or points could be carved out from the system, it was locked down. The team were exhausted as they made their way to the conference floor for the drinks reception and catch up. War stories were told, experiences and tips shared between the teams and many speculated, who was to be crown the winner tomorrow night at the completion dinner in Bern.
To learn more, visit Cyber Security Challenge UK.