Cyber Challenge 2015 was held in connection with Cyber Security & ICT 2015 Exhibition in the congress centre Jyväskylän Paviljonki from 23 to 25 September 2015 and it was open to all fairgoers. We were involved in the challenge as one of the promoters with our two different kinds of puzzles that could be performed either in our stand or remotely from competitor’s workstation. Now the same puzzles with the execution instructions can be found under this blog post and they are freely available.
The assignment of our two puzzles was simply to solve and report the encryption keys (i.e. password) hidden in the files. The encryption keys needed to be solved using a Linux operating system with typical reverse engineering techniques. One solved encryption key entitled to three points in the overall challenge.
Our puzzles’ assignment was built on the background story presented on our stand. The story was set in a hypothetical company called Skylift Ltd which was specialized in the product development of lifts. At the beginning of the story Skylift got targeted by a phishing attack with the end result that the company’s network was hacked and the trade secrets stored in the R&D environment were stolen. The trade secrets were stolen from the R&D environment while the company’s public services were under a DDoS attack.
The stolen trade secrets proved to be too strong protected against unauthorized usage which was why the hacker resorted to activate Cryptolocker ransomware in the R&D environment. When the ransomware was activated, Skylift’s crucial R&D data was encrypted. This caused all significant damage to the company’s business operations. In order to gain access to the encrypted data and restore normal business operations, Skylift was presented with two options: to pay the ransom or find another way to decrypt the data.
HARDWARE AND SOFTWARE REQUIREMENTS
64-bit GNU/Linux operating system (e.g. Kali Linux 2.0)
- Download the puzzle archive on your workstation
Download the puzzle archive challenge.tar.gz
- Extract the compressed archive
Extract the archive stored on your workstation using the operating system’s command prompt.
- Execute the extracted files
Execute the extracted files level1 and level2 on the operating system’s command prompt.
- Solve the encryption keys of the files
Solve the encryption keys of the files using command reverse engineering techniques.
Solving our puzzles competitors could earn maximum 2*3 credits to the challenge. The winner of the Cyber Challenge was decided by a lottery between the top scorers. The winner was awarded with an iPad Air Wi-Fi 16 GB. The lottery was taken place at the end of the exhibition on 25 September 2015.
You can download puzzles’ example solution from the links level1-walkthrough and level2-walkthrough.