Welcome to the 1NTERRUPT Treasure Hunt wiki page.
Here we've put the information and resources you'll need to have a basic understanding of networking, HTML, and security to be successful during the Treasure Hunt.
What Is the 1NTERRUPT Treasure Hunt?
Book learning has its place, but real life is unpredictable and unscripted. This is just as true for the cyber security world as it is in any area involving humans. Humans are illogical, emotional, and unpredictable, so if you wish to be effective in the cyber security field, it's important to realize that you're really dealing with humans, not technology. Therefore, our Treasure Hunts are designed to emulate real-world environments and the mistakes that are made by the humans who design, administer, and use networks.
Welcome to the team!
A small municipal utility (Utilitel) is under cyber attack. Clean water has stopped flowing and traffic lights around the region have been tampered with, causing grid lock and accidents. Federal authorities have called in you and your team of incident responders to:
- Stop the attack;
- Identify the bad guy(s);
- Present your evidence.
The bad guys have locked all of Utilitel’s network access points, but you found one machine that you can access remotely - sometimes called a jump box. It’s located at an office where customers can go to pay bills and is on Utilitel’s public WiFi. You’ll start there.
You have been authorized by law enforcement to follow all leads to wherever they may take you, and you have been given a waiver that releases you and your team from responsibility should you accidentally take down a system.
We know you’re new, so we’ll start you with the basic training you’ll need to be successful, and then assign you to your new team.
Utilitel is a rural multi-service utility created to meet the power, water, and other infrastructure needs of a small rural county. The company was created during the Great Depression, and it hasn’t changed much since then in terms of culture and technology. But management is aware that today’s cyber security threats cannot be ignored. A challenge for them has been to hire qualified cyber security professionals. Like many utilities, they don’t have the money compared to the likes of Apple and Google, who attract top talent and pay them well. Also securing a utility’s control network - the industrial network where the power generators are operated, for instance - is not the same as a common IT network, so it’s an even greater challenge to find professionals with expertise in both cyber security and industrial control systems (ICS).
Harry Davis, now 42, has been with Utilitel’s Operations team since he graduated college. His knowledge of ICS and familiarity with Utilitel’s operations is extensive, and Harry also has a personal interest in cyber security. Utilitel management had considered themselves fortunate for having such a skilled operator with a passion for cyber security on their Operations staff. It has saved them quite a bit of money as they haven’t felt the need to hire any cyber security professionals.
Code of Conduct
Before you get started, remember the rules of engagement.
- Be cool to others;
- Hack only what is yours and only what you have explicit permission from the owner to hack - like the Treasure Hunt;
- Use only our WiFi, and if you’re not sure which is ours, please ask;
- You can take down the Treasure Hunt if you think you’re capable, but only under these conditions:
- Wait until we give you the green light. We want everybody to have a chance to finish before the network could be rendered unusable;
- You need to share your attack methods with us. Knowledge is power and we’re all here to help each other out;
- DoS’ing is lame, so don’t bother;
- Absolutely no installation of malware.
Keys to Success
- Collaborate with your teammates;
- The most important skill you'll need is logic. The technical stuff is just a bunch of tools;
- Pay attention to the details. Everything you discover in the Treasure Hunt was put there for a reason.
Please see the Wash. Rinse. Repeat. section in the Network Security breakout page for explicit details.
The breakout sessions are short, single-topic sessions led by industry professionals and subject matter experts. They are intended to introduce you to fundamental topics on cyber security, networking, web development, design, and ethics. You'll also learn how to use the handful of tools needed during the Treasure Hunt. Use this wiki as a reference during the Treasure Hunt, but remember there will be coaches available to help you if you get stuck or have questions.
An introduction to ports, protocols, and network discovery.
An introduction to creating a simple web page and techniques used to hide/steal information in web pages.
Where is the line and when is it crossed? Ethics in Cyber Security.
Is the Treasure Hunt the same as a capture-the-flag (CTF) competition?
No. CTFs tend to focus on 1.) problems of increasing difficulty and 2.) are competitive in nature. So, 1.) we want to give you real-world problems to solve, and 2.) defeating the bad guys in the real-world requires collaboration, and that's what we encourage. We have coaches available to help you work through some of the problems, and it's not uncommon for advanced participants to help out the new participants.
Are you saying we'll all be singing Kumbaya by the end of the day?
No. Some friendly competition doesn't hurt, either, and can be a positive motivator.
I'm brand new to cyber security. How am I supposed to do this?
We're glad you asked. Most 1NTERRUPT participants are new to cyber security and hacking, and we want you to have fun. So, we make sure we hook you up with enough skills without melting your brain. The first way we help you is with breakout sessions. These are introductory levels to some key concepts that will help you during the Treasure Hunt, and in your day-to-day life after the event. We will also have coaches available for you to ask questions, and to provide hints and guidance.
I have a decent handle on cyber security. Will this be challenging?
Yes. The Treasure Hunt is designed for both beginners and advanced participants. We are sure to include advanced ways of hiding and obfuscating clues.
What tools will I need?
All participants should bring a laptop and charging cables. There aren't too many other concerns. We've tried to keep the necessary tool set to the most essential, but learning to use these tools is valuable. Just take a look at each of the breakout session pages. Each page will contain relevant links for anything that you'll need to download and install. You're welcome to use any additional tools during the Treasure Hunt that you're comfortable using.