Description

Home » Description

Introduction

The purpose of the International CyberEx is to carry out a cyber exercise among the Member States of the Organization of American States (OAS) and of the countries invited by the National Institute of Cybersecurity of Spain (INCIBE) in order to strengthen the ability to respond to cyber incidents, as well as to improve collaboration and cooperation in this type of incident. The exercise focuses directly on technical security profiles with strong knowledge in the field of Information and Communication Technologies (ICT).

The language used during the cyber exercise is English.

Last cyber exercise was held on June 13, 2018 from 14:00 UTC to 22:00 UTC.

Technical model

The cyber exercise will take place in form of a CTF (Capture the Flag) in small teams. This format is based on a model of cyber security competition and is designed to serve as a training exercise that allows participants to gain experience in tracking an intrusion, as well as to improve reaction capacities to cyber attacks analogous to those that happen in the real world. There are two main styles for the CTF: attack/defense and jeopardy. The latter is suitable for expanding technical capabilities.

Jeopardy-style competitions are usually composed of several categories of problems, each containing a variety of questions of different values. Teams compete in an 8-hour session for being the first to solve the greatest number of challenges but do not directly attack each other.

Teams

Teams may consist of Cyber Security Incident Response Teams (CSIRTs) or experts from the public or private sector, military, academia, and civil society.
Each team can count with a maximum of 4 members and a minimum of 3 members according to the following distribution:

  • 1 captain who will act as coordinator of the team and will be the sole point of contact with the organizers. In addition, the captain will be in charge of delivering the flags captured and of requesting the clues that are available for each challenge.
  • From 2 to 3 team mates who will support the captain to solve the different challenges.

The profile of the team members should be that of a technician with experience and knowledge in ICT security in at least one or more of the following fields:

Knowledge in ICT security especially in the management of incidents in information security.

  • Experience in managing security incidents and electronic fraud.
  • Experience in analysis of compromised systems, SPAM, systems and security networks.
  • Experience in malware analysis, both static and dynamic, and use of process automation tools such as behavior analysis, running analysis, etc.
  • Experience in computer forensics. Experience in the use of tools that support the process of gathering and analyzing information.
  • Experience in security audits: Methodologies, tools and technical experience in security audits or pentesting.
  • Experience in administration and bastion of operating systems.
  • Experience in network management and communications hardware, racks and applications and support services to security equipment.

Technical Requirements

The participating team is required to have at least the following resources:

  • Client machine:
    • Desktop PC or laptop.
    • Browsers supported: Chrome (preferred) or Firefox (both in the latest versions).
  • Internet connection with sufficient bandwidth per user:
    • Minimum: 1 Mbps download and 100Kbps upload.
    • Recommended: 3 Mbps download and 1Mbps upload.

Code of conduct

The following rules must be met by participants given that violating this code of conduct will disqualify the entire team and lead to an exclusion of the competition:

  1. Participants must behave in a professional manner at all times.
  2. Participants will not manipulate or attempt to modify any element of the platform, including the rating system and the administration panel.
  3. Denial of Service attacks are not allowed.
  4. Brute force attacks are not allowed, unless specifically specified otherwise.
  5. Do not restart, shut down or disable services or functions of target systems.
  6. Offensive actions to attack or interfere with the systems of other participants are not allowed.
  7. Participants will not attempt to deceive or collaborate with participants of other teams.
  8. Participants must compete without help from people outside the competition.
  9. It is not allowed to publish information about the competition, how to solve the objectives or the flags of the same, without written consent from INCIBE.
  10. Only the ranking of the 10 best teams will be announced. The rest of the positions will be anonymous.

 

All the detailed information can be checked downloading Dossier 2018