WiCyS Idaho, Cybersecurity & Infrastructure Security Agency (CISA) , and Idaho National Laboratory are hosting a jeopardy-style virtual Capture the Flag (CTF) oriented around an incident response scenario involving attacks on critical infrastructure. The featured critical infrastructure sectors are telecom, water purification, transportation, and electrical distribution.
The challenges have a wide range of difficulty and a set of introductory challenges. Teams may contain up to four players or compete individually.
Registration opens Monday, September 18 at 10:00 a.m. MT and remains open throughout the competition.
Registration can be found here: https://icsjwgctf.com
The CTF is open from Thursday, September 21 at 8:00 a.m. MDT through Saturday, September 23 at 5:00 p.m. MDT.
Scenario
Celestic Telecom provides services and connectivity for a large and varied set of customers. On Thursday, May 4 2023, Celestic Telecom noticed some odd behavior on their network and three of Celestic Telecom’s customers (Jubilife Water Purification, Snowpoint Transport, and Veilstone Power) also reported serious issues in their ICS/OT environments.
Players in this Capture the Flag activity will explore the network and host artifacts to discover the cause of these issues and help secure these companies and restore the functionality of their ICS/OT systems. Network traffic from May 4 across various subnets of Celestic’s networks has been ingested into Malcolm to aid in the player’s investigation.
This CTF also contains Security Foundations challenges which serve as introductory-level challenges on various security and ICS concepts, and though unrelated to the scenario, still award points!
Register HERE