A team of Army signallers place third in an international cyber skills competition.
A team of Army signallers has placed third in an international cyber skills competition.
The 1 CSR cyber cell competed in the cyber skills competition which was hosted by 7 Sigs Regt in Australia. Over 45 teams of some 400 participants from across FVEY military, industry, and academia competed.
Team leader Lieutenant Jessie Keivom-Lockhart said she was surprised but delighted with her team’s win.
“We were only beaten by a 7 Sig Regt team (30607pts) and one of four teams from 138 Sig Sqn (Australian Army, 29379pts). We beat 42 other teams including US and UK military teams and most of the ADF teams including Joint Cyber Unit, Fleet Cyber Unit, and the RAAF Information Warfare Sqn (462 Sqn) to name a few. It was a great effort by the Kiwi team.”
1CSR was invited by the CO of 7 Sig Regt, Australian Army to take part in the annual Australian Defence Force Cyber Skills Challenge (CSC) held at Borneo Barracks, in Cabarlah, Queensland. Forty-five teams from the ADF, FVEYs, industry and academia took part in the CSC 2019, and 1CSR was the only New Zealand team to enter the competition.
The CSC is a jeopardy style capture the flag (CTF) event where teams of six people compete to win as many individual challenges as possible in order to score the most points in a dedicated time period. The team with the most points at the conclusion of the allotted period wins.
“I was tasked build a team to enter the CSC,” said LT Keivom-Lockhart. “A call for nominations went out to make up the team, but after a nomination period, we were still one person short. In order to find personnel within 1CSR who show aptitude for CTF challenges, Mr Tim Jones (Cyber Defence Support Engineer, 1CSR Cyber Cell) and SGT Chris Courtney (Cyber Sgt, 1CSR Cyber Cell) created an internal online CTF which was distributed to all 1CSR Sqns. The CTF allowed personnel to test their cyber skills and for us to find the strongest operator on the tools to be the sixth person in our CSC team. CPL Israel McNicholl took out the top spot scoring the most points on the CTF and was selected to join the team.”
“To train for the event we started to exercise our skills on a number of mini CTF’s sent to us by the ADF and dedicated a week of training for the challenge. This included training in areas such as cryptography, steganography, penetration testing, digital forensics, and reverse engineering which we knew would all be included in the CSC.
“The CSC week started with two days of presentations and workshops by members of Australian cybersecurity organisations including the NSW Police Digital Forensics Unit, Australian Cyber Security Centre (ACSC — NCSC equivalent), Australian Signals Directorate (ASD — GCSB equivalent), Defence Science and Technology (DST — DTA equivalent) and many more. The presentations were of great value because we were able to learn about different tools and techniques which would be beneficial for both conducting the challenge and for the work we do back home.”
There were 149 individual challenges to complete, all weighted on their level of complexity, with harder challenges being worth more points. Challenges ranged between 2–800 points, with bonus points being given to the first team to solve each challenge.
“An example of a challenge we faced included having to restore services to a wind turbine which had been compromised and shut down by a notional threat actor. This tested our incident response capability as there was a series of challenges/steps that we needed to complete in order to get it back online. This started from simple: analysing a memory dump using a memory forensics tool to find the flag in the output, to difficult: carving a copy of the virus that infected the wind turbine’s control system, running that virus in a virtual machine monitoring its traffic back its C2 server, reverse engineering how the actor was communicating with the wind turbine, to take over the threat actor’s server and turn the wind turbine back on.”
LT Keivom-Lockhart said she hopes a Kiwi team can attend the CSC again next year with the aim of taking out the top spot. “However, our team has a lot of work to do before then to develop 1CSR and the NZ Army’s cyber capability. We will look to integrate defensive cyber operations training for RNZSigs personnel in order to ensure our networks and information systems are defended effectively and to continue to maintain our level of proficiency in the information environment alongside our FVEYs partners.”
For people who are interested in learning CTF skills, soft skills such as analysing, problem solving and researching skills are critical. Useful technical skills include an understanding of information technology and computer networking fundamentals, experience navigating the Linux or Windows CLI, and having basic programming and/or scripting skills would be beneficial but not necessarily required. Some good free online websites to test cyber skills is picoCTF.com, OverTheWire.org, and HackTheBox.eu.