Cyber Challenge 2015 is held in connection with Cyber Security & ICT 2015 Exhibition in the congress centre Jyväskylän Paviljonki from 23 to 25 September 2015 and it’s open to all fairgoers free of charge. We are involved in the challenge as one of the promoters with our two different kinds of puzzles that can be performed either in our stand C-123 or remotely from competitor’s workstation. The instructions to participate in the puzzles can be found below.
The assignment of our two puzzles is simply to solve and report the encryption keys (i.e. password) hidden in the files. The encryption keys need to be solved using a Linux operating system with typical reverse engineering techniques. One solved encryption key entitles to three points in the overall challenge. Every solved encryption key needs to be reported in the Jaxber mobile service or on a paper scorecard before any points can be given. You can pick a paper scorecard from the exhibitors’ stands who participate in the Cyber Challenge. The filled scorecard should be submitted to the stand of Cyber Security Finland/ Jykes Ltd (C-121) during the competition.
Our puzzles’ assignment is built on the background story presented on our stand. The story is set in a hypothetical company called Skylift Ltd which is specialized in the product development of lifts. At the beginning of the story Skylift gets targeted by a phishing attack with the end result that the company’s network is hacked and the trade secrets stored in the R&D environment are stolen. The trade secrets are stolen from the R&D environment while the company’s public services are under a DDoS attack.
The stolen trade secrets prove to be too strong protected against unauthorized usage which is why the hacker resorts to activate Cryptolocker ransomware in the R&D environment. When the ransomware is activated, Skylift’s crucial R&D data is encrypted. This causes all significant damage to the company’s business operations. In order to gain access to the encrypted data and restore normal business operations, Skylift is presented with two options: to pay the ransom or find another way to decrypt the data.
64-bit GNU/Linux operating system (e.g. Kali Linux 2.0)
Extract the archive stored on your workstation using the operating system’s command prompt.
Execute the extracted files level1 and level2 on the operating system’s command prompt.
Solve the encryption keys of the files using command reverse engineering techniques.
Report the solved encryption keys using either Jaxber mobile service or a paper scorecard.
Solving our puzzles you can earn maximum 2*3 credits to the challenge. The winner of the Cyber Challenge is decided by a lottery between the top scorers. The winner is awarded with an iPad Air Wi-Fi 16 GB. The lottery is taking place at the end of the exhibition on 25 September 2015 at 12.00 and the winner is announced at 14.00.
Further details about the challenge or its instructions can be asked from our stand C-123. Learn more about the companies parcipating in the Cyber Challenge from http://www.cyberfinland.fi/event/cyberchallenge2015/
JYVSECTEC is an independent cyber security research, training and development center.