Cybersecurity Challenge Singapore
The Face-to-Face (F2F) competition segment of the Cybersecurity Challenge Singapore, co-organised by CSA and BAE Systems will be held on 19 September 2018 at the Singapore International Cyber Week (SICW). Top players from the Singapore Floor in CyPhinx will go through a series of real-life cyber incident response scenarios, where they will demonstrate their cybersecurity proficiencies to deal with the incident. The winners will walk away with attractive prizes such as an all-expenses paid trip to London to compete against UK players in the UK Masterclass, as well as other career enhancing prizes.
- The competition is a sequel from the online Cybersecurity competition qualifiers - CyPhinx. 30 selected contestants are invited to test their skills at the next level in the F2F competition.
- The contestants are to work together in groups of 3-4, taking on the role of security consultants to respond to a simulated cyber incident.
- Challenges are presented to the team sequentially in the form of a storyline – a concept similar to a gamebook. These challenges are designed to test individual participants’ technical skills as well as team work. Each team is to present their analysis findings to an interview panel and provide technical advice on mitigating any security breaches.
System Setup and Reading Materials
- Participants are to bring a laptop running on both Windows (e.g. Windows 7/Windows 8/Windows 10) and Linux operating systems (e.g. Ubuntu, Redhat, any UNIX-like) as some challenges are easier to handle in Windows environment and vice versa.
The laptop will be connected to a Wired Ethernet network.
- A maximum of two laptops per participant are allowed.
The challenges will include the following topics, but not limited to:
End Point Forensics
- Registry key
- Timestamp analysis
- Knowledge of TCP/UDP
- Usage of Wireshark
- Reverse engineering (For EXE files and java files)
- Document Analysis
- Binary exploit
- Discovery of SQL injection
- Discovery of Client side attack
- Concepts in cyber security
- Participants are expected to behave professionally at all times.
- Participants will not tamper with, modify, or attempt to manipulate any element of the competition including scoring and management systems.
- Denial of Service (DoS) attacks are not allowed.
- Participants will not reboot, shutdown, or intentionally disable the services or functions of the target systems.
- Participants will not conduct any offensive actions to scan, attack, or interfere with another participant's system.
- Participants are to observe cybersecurity hygiene such as locking their laptops while unattended, and provide a password to any collaborating platform for team-work based discussion. Poor practices will result in deduction of points.
- Participants are to compete without "outside assistance" from non-participants.
- Participants may not publicly disclose information about the competition or targets including flags or their means of obtaining them without the written consent of the organiser.
- Participants understand that violation of this code of conduct or any of these rules is grounds for their immediate dismissal and disqualification from the competition, as well as removal from the competition area.
- Internet resources such as company websites, FAQs, and existing forum responses may be used during competition provided there are no fees, membership, or special access required. Only resources that could reasonably be available to all participants are permitted.
- All network activity that takes place on the competition network may be logged and subject to release.
- Printed reference materials (books, magazines, checklists, etc.) are permitted.
- All competition materials, including equipment, hand-outs, and participant-generated reports and documents, must not be removed from the competition area unless specifically authorised. Personal materials brought into the competition area may only be removed after the conclusion of the competition.
- Participants should work with the competition staff to resolve any questions regarding the rules of the competition or scoring methods before the start of the competition.
- Should any questions arise about scoring, the scoring engine, or how they function, participants should immediately contact the competition staff.
- Protests must be presented in writing to the competition staff as soon as possible. The competition officials are the final arbitrators for any protests or questions arising before, during, or after the competition. Rulings by the competition officials are final. All competition results are official and final as of the end of the competition.
- Scores are given to completed challenges that are provided throughout the competition. Extra credits will be given if an individual is able to articulate how they complete the challenges.
Scores are also given during the interview panel
- to evaluate the involvement of the individual and contributions to the team
- on providing sound and practical advice for security mitigations
- good presentation and explanation of the findings.
- Bonus points will be given for team work as well as correct cybersecurity practices.
- Scores are maintained by the competition officials and may be shared at the end of the competition. Running totals may be provided during the competition.
- Attacking or otherwise interfering with the scoring system is strictly prohibited.